{"id":302248,"date":"2025-11-20T01:41:08","date_gmt":"2025-11-20T01:41:08","guid":{"rendered":"https:\/\/www.newsbeep.com\/us\/302248\/"},"modified":"2025-11-20T01:41:08","modified_gmt":"2025-11-20T01:41:08","slug":"attacks-confirmed-google-issues-emergency-update-for-2-billion-chrome-users","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/us\/302248\/","title":{"rendered":"Attacks Confirmed\u2014Google Issues Emergency Update For 2 Billion Chrome Users"},"content":{"rendered":"

\"Google<\/p>\n

Chrome emergency update confirmed <\/p>\n

dpa\/picture alliance via Getty Images<\/p>\n

Updated Nov. 19 with confirmation that America\u2019s cyber defense agency has issued an update deadline for Chrome users given the severity of this new zero day.<\/p>\n

Google has suddenly warned<\/a> that attacks on Chrome are underway, issuing an emergency update for all desktop users. \u201cGoogle is aware that an exploit for CVE-2025-13223<\/a> exists in the wild,\u201d the company confirmed on Monday.<\/p>\n

The vulnerability \u2014 a \u201cType Confusion in V8\u201d \u2014 was discovered by Google\u2019s own Threat Analysis Group last week. This fix has been rushed out, highlighting its seriousness.<\/p>\n

That severity has now been underlined by America\u2019s cyber defense agency mandating federal staff to update or to stop using Chrome. CISA<\/a> added CVE-2025-13223 to its Known Exploited Vulnerability (KEV) catalog on Nov. 19, and has confirmed a Dec. 10 deadline for federal agency users to update or \u201cdiscontinue use of the product.\u201d<\/p>\n

ForbesHas Samsung Installed \u2018Unremovable Israeli Spyware\u2019 On Your Phone?By Zak Doffman<\/a><\/p>\n

While CISA\u2019s formal update order is only for federal staff, its mandate is \u201cfor the benefit of the cybersecurity community and network defenders\u2014and to help every organization better manage vulnerabilities and keep pace with threat activity.\u201d<\/p>\n

As such, all Chrome users should update their browsers now. The update should download automatically, but you will need to restart your browser<\/a> to ensure it installs and takes effect. Your regular tabs will reload, but your private \u201cincognito\u201d tabs will not.<\/p>\n

Despite there being a lack of more details information on this latest zero day threat, the type of flaw can enable a remote attacker to destabilize a system or run their own arbitrary code to exfiltrate data or push malicious software onto a target device.<\/p>\n

These types of flaws can also be chained with other vulnerabilities to provide an initial entry point to a device or the network on which that device sits. <\/p>\n

Per NIST<\/a>, this \u201cType Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\u201d The vulnerability has been issued a high-severity rating.<\/p>\n

Forbes\u2018Upgrade Now,\u2019 Microsoft Warns As Urgent Windows Update ConfirmedBy Zak Doffman<\/a><\/p>\n

As ever, Google also says \u201caccess to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven\u2019t yet fixed.\u201d<\/p>\n

The update brings Chrome\u2019s stable channel up to 142.0.7444.175\/.176 for Windows and 142.0.7444.176 for Mac. For Linux it\u2019s 142.0.7444.175. While Google\u2019s boilerplate says \u201croll out over the coming days\/weeks,\u201d you can expect the update today.<\/p>\n

While Google Chrome zero days are a regular event, Google takes immense credit for the speed with which fixes are developed and deployed. It goes without saying that all users should update their browsers as soon as they see the restart flag. <\/p>\n","protected":false},"excerpt":{"rendered":"Chrome emergency update confirmed dpa\/picture alliance via Getty Images Updated Nov. 19 with confirmation that America\u2019s cyber defense…\n","protected":false},"author":2,"featured_media":302249,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31],"tags":[157126,157129,157127,157128,157130,74],"class_list":{"0":"post-302248","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-chrome-attack","9":"tag-chrome-attacks-wild","10":"tag-chrome-emergency-update","11":"tag-chrome-update-now","12":"tag-chrome-zero-day","13":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/302248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/comments?post=302248"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/posts\/302248\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media\/302249"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/media?parent=302248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/categories?post=302248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us\/wp-json\/wp\/v2\/tags?post=302248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}