Google developers have discovered chrome security gaps in their web browser and published updated software. Attackers from the network can compensate for information without authorization through the gaps. An exploit is already circulating online for this weak point.
In the Version announcement explain Google’s developerthat you seal four security gaps with the updated version. Since only two of them were reported by external IT researchers, Google only provides information snippets for these two.
Google Chrome: Vulnerability with Exploit
A security gap is based on an inadequate guideline enforcement in the component “Loader” by Chrome. The vulnerability entry Supplements that attackers from the network can compensate for information “cross-origin” with manipulated HTML pages-a website can compensate for information from another (CVE-2025-4664 / EuVD-2025-14909CVSS 4.3, risk according to Google “high“, according to CVSS”medium“).” Google is known that an exploit for CVE 2025-4664 exists in the wild, “the manufacturer continues.
A second security gap affects the Mojo component-it serves, for example, for inter-process communication-which can deliver false handles under not described circumstances. Google does not describe the potential effects; Neither the CVE nor the EUVD entry have so far been publicly available, which usually still provides a half-sentence of information (CVE-2025-4609, no CVSS value, risk according to Google “high“). So far, there is no information about the other two vulnerabilities except that they exist.
The error-adjusted browser versions are Google Chrome 136.0.7103.125 for Android, 136.0.7103.113 for Linux and 136.0.7103.113/114 for MacOS and Windows.
Make a version test
The updated program versions can be installed by calling the version dialog, provided the browser is not yet up to date. This can be checked by clicking on the browser menu, which is behind the symbol with the three stacked points on the right side of the address bar. The further path then goes beyond “help” towards “via Google Chrome”.
Under Linux, the software management of the distribution used is usually responsible for updating. The security gaps affect the chromium base and are therefore likely to make browsers such as Microsoft’s Edge vulnerable. Microsoft usually provides an update on Friday. Users should then use this quickly – this also succeeds in using the version dialog.
Discover more from Apple News
Subscribe to get the latest posts sent to your email.