Google Rushes Critical Chrome Update to Fix Active Security Flaw
The Hacker News
|
Contributed by: Drex DeFord
Summary
Google has released emergency patches for its Chrome browser to fix three security vulnerabilities, including a critical flaw (CVE-2025-5419) that is being actively exploited. This high-severity vulnerability, with a CVSS score of 8.8, allows remote attackers to potentially exploit heap corruption via a malicious HTML page. Discovered by Google's Threat Analysis Group on May 27, 2025, the issue was quickly addressed with a configuration update the next day. Google has provided minimal information about the ongoing attacks and the threat actors to ensure users can update their browsers before further exploitation occurs. This is the second zero-day vulnerability the company has patched this year.
