Google Releases Security Update for Chrome

Security update addresses an exploited high severity vulnerability in Google Chrome

Threat ID:: CC-4700
Threat Severity:: Medium
Published:: 18 September 2025 1:26 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security update addresses an exploited high severity vulnerability in Google Chrome

Affected platforms

The following platforms are known to be affected:

Google Chrome for Windows, macOS and Linux

All prior to 140.0.7339.185/.186 for Windows and macOS
All prior to 140.0.7339.185 for Linux

Threat details

Exploitation of CVE-2025-10585

Google is aware that an exploit for CVE-2025-10585 exists in the wild.

Introduction

Google has released version 140.0.7339.185/.186 for Chrome for Windows and Mac and 140.0.7339.185 for Chrome for Linux, which will roll out over the coming days/weeks.

The updates address four high severity vulnerabilities, including CVE-2025-10585, which has an exploit in the wild.

CVE-2025-10585 - Type Confusion in V8 - High severity
CVE-2025-10500 - Use after free in Dawn - High severity
CVE-2025-10501 - Use after free in WebRTC - High severity
CVE-2025-10502 - Heap buffer overflow in ANGLE - High severity

Remediation advice

Affected organisations are encouraged to review Google's Stable Channel Update for Desktop 17 advisory and apply the relevant updates as soon as possible.

Definitive source of threat updates

https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html

CVE Vulnerabilities

CVE-2025-10585

CVE-2025-10500

CVE-2025-10501

CVE-2025-10502

Last edited: 18 September 2025 1:27 pm