| Overview |
| Google has released a critical security update for the Chrome browser addressing CVE-2025-6558, a high-severity zero-day vulnerability currently being exploited. The flaw resides in Chrome’s V8 JavaScript engine, allowing attackers to execute arbitrary code through specially crafted web pages. Google has confirmed active exploitation attempts, making it imperative for users to update their browsers immediately. |
| IMPACT |
| If left unpatched, this vulnerability could enable remote attackers to gain control of affected systems, potentially leading to data theft, malware installation, or complete system compromise. Enterprises using Chrome for critical workflows may face escalated risks, including unauthorized access to corporate networks or sensitive data. |
| AFFECTED PRODUCTS |
| · Chrome on Windows
· Chrome on macOS · Chrome on Linux |
| Preventive Measures |
| · Upgrade to the latest Chrome versions 138.0.7204.157/.158 for Windows and Apple macOS, and 138.0.7204.157 for Linux.
· For managed enterprise environments, ensure centralized updates are pushed across all endpoints. · Ensure Chrome’s auto-update feature is enabled to receive future critical patches promptly. |
| REFERENCE |
| https://thehackernews.com/2025/07/urgent-google-releases-critical-chrome.html
https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html |