Google distributes an unplanned update for the Chrome web browser – actually on all supported platforms. The cause is a security gap in the browser that has already been actively attacked on the Internet.
In the The Chrome developers write the version terminationthat the update only contains a security fix. It is a “Type Confusion” weak point, in which unexpected data types are handed over to program code parts. This triggers unexpected behavior and the attacker can use the JavaSCrip-Engine V8, which for any writing and reading access through carefully prepared, malicious websites (CVE 2025-6554 / no EUV, no CVSS, risk according to Google “high“).
Attacked security leak
Google already distributed countermeasures through a configuration change on June 26 for all platforms in the Stable Canal. The gap discovered the Google Threat Analysis Group on June 25th. However, the developers now correctly close the weak point with code changes. “Google is known that an exploit for CVE-2025-6554 exists in the wild,” the developers also add-the security gap is already misused by malignant actors.
The versions of Chrome 138.0.7204.63 for Android, 138.0.7204.119 for iOS, 138.0.7204.96 for Linux, 138.0.7204.92/.93 for Mac and finally 138.0.7204.96/.97 for Windows. The Extended Stable versions also lift the developers to versions 138.0.7204.93 for MacOS and 138.0.7204.97 for Windows.
Check current version status
To check whether Chrome is already up to date, users can call up the version dialog. You can achieve this by clicking on the symbol with the three stacked points on the right of the address bar and there the further path to “help” towards “via Google Chrome”. If necessary, this will also encounter the update process when the browser is outdated.
On other platforms, the app stores or, for example, the distribution-specific software management are responsible for updating. Since the chromium code represents the basis for other web browsers such as Microsoft’s Edge, these updated versions will also be distributed shortly. Users should then install them quickly.
Most recently, Google had repaired an already attacked weak point in Chrome in early June. The developers also first mitigated these security gaps by distributing a configuration change.
Discover more from Apple News
Subscribe to get the latest posts sent to your email.