Google has recently pushed out an urgent Chrome security update, patching five vulnerabilities that could leave users exposed to attacks while browsing. Three of the flaws are rated high-severity, prompting security experts to urge immediate updates.
The rollout of Chrome 142 began yesterday and will reach users gradually over the coming weeks across Windows, Mac, Linux, and Android devices.
The most serious vulnerability involves WebGPU, Chrome’s graphics processing technology. Security researchers discovered an out-of-bounds write flaw (CVE-2025-12725) that could allow hackers to execute malicious code on victims’ machines simply by getting them to visit a compromised website.
Two additional high-risk bugs affect Chrome’s user interface and JavaScript engine. The V8 engine flaw is particularly concerning since JavaScript runs on virtually every website users visit daily.
Rounding out the update are two medium-severity vulnerabilities in Chrome’s address bar that could enable phishing attacks. These Omnibox flaws might allow attackers to disguise malicious URLs as legitimate sites, tricking users into entering passwords or financial information.
IT administrators managing enterprise Chrome deployments should prioritize pushing this update given the severity ratings. The vulnerabilities pose particular risks in environments where employees regularly access external websites.
Updating
On desktop, Chrome typically updates itself in the background, but users can force an immediate check by clicking the three-dot menu, selecting “Settings,” then “About Chrome.” The browser will download the latest version and prompt for a restart.
Android users will see the update appear in Google Play over the next few days, though it can be manually triggered through the store’s app update section.
Set aside a few minutes to verify your browser and primary apps are current—your digital security is worth it.
Leave a Reply