Google Chrome was affected by a serious security flaw that allowed an attacker to execute malicious code remotely on a user’s computer. The search giant says that it is aware that hackers have developed and deployed an exploit that leverages the vulnerability. Google says an update to Google Chrome will roll out to users in the coming days or weeks. Users should install the latest version of Chrome on Windows, Mac, and Linux computers in order to remain protected.
Google Chrome Update Rolls Out for Windows, Mac and Linux
In a blog post published earlier this week, Google says that the security flaw in Chrome was detected by Clément Lecigne of Google’s Threat Analysis Group on June 25. The vulnerability is identified as CVE-2025-6554 (Type Confusion in V8) and the company has assigned it a high severity rating. It impacts the open source V8 JavaScript engine used by Google Chrome.
According to the description for the security vulnerability, arbitrary code can be executed on a user’s system if they visit a malicious HTML page created by a remote attacker. By leveraging this flaw, the attacker could gain access to the user’s computer, exfiltrate personal data, or download malware on the system.
It’s also worth noting that Google is aware of an exploit that takes advantage of the vulnerability that was being used “in the wild”. This means that the company knows that attackers have already used the flaw to target users online.
Thankfully, Google Chrome 138.0.7204.96/.97 for Windows, contains a fix for the flaw, while users on macOS and Linux can update to version 138.0.7204.92/.93 and version 138.0.7204.92, respectively. There’s no mention of patches for Android and iOS, so it appears that these platforms are not affected by the flaw.
If your browser hasn’t already updated to the latest version, you can open the main menu in the top right corner of the screen, then tap on Help > About Chrome and wait for the latest version to download and install. You will also need to restart Chrome to load the latest version after the update process is completed.
