Google Chrome Urgent Update Fixes Zero-Day Vulnerability

Redazione RHC : 11 December 2025 07:19

An urgent update has been released by Google for the stable version of the Desktop browser, in order to address an extremely serious vulnerability that is currently being exploited.

This update , which brings the browser to version 143.0.7499.109/.110, fixes three security vulnerabilities, including a zero-day flaw flagged as 466192044. Google, unusually, has kept the details of its CVE identifier under wraps, simply listing it as “Coordinating.”

Google also fixed two other medium-severity vulnerabilities reported by external security experts. For these, a total of $4,000 was awarded under the bug bounty program . They are:

• CVE-2025-14372: A use-after-free vulnerability in Password Manager. This memory corruption bug was reported by Weipeng Jiang (@Krace) of VRI on November 14, 2025, and earned a $2,000 bounty.
• CVE-2025-14373: An inappropriate toolbar implementation. Discovered by researcher Khalil Zhani on November 18, 2025, this flaw also carried a $2,000 bounty.

Returning to the previous vulnerability without a CVE, the company issued a stern warning: ” Google is aware of a specific exploit for the number 466192044.” This confirms that threat actors have already exploited the flaw to target users .

The “coordination in progress” status means that the vulnerability may require further cooperation with other vendors before the full technical details can be safely disclosed.

The update is now available for Windows, Mac, and Linux users. Given the active exploitation of this high-severity vulnerability, administrators and users are strongly advised not to wait for the automatic release.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli