- Google fixes Chrome Zero-Day CVE-2025-13223 in the V8 engine
- A bug allowed the execution of arbitrary code, likely exploited by state-sponsored malicious actors.
- Users should update Chrome to version 142.0.7444.175/.176 on all platforms.
Google has fixed a worrying security flaw in its Chrome browser that was being misused as a zero-day.
In a new security advisory, Google said it fixed a type confusion vulnerability in the V8 JavaScript and WebAssembly engine that led to arbitrary code execution. V8 is the browser’s JavaScript and WebAssembly engine – essentially the “brains” that read, compile, and execute JavaScript and WASM code in web pages.
The vulnerability is now tracked as CVE-2025-13223 and has a severity score of 8.8/10 (high). “Type Confusion in V8 in Google Chrome before 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page,” the National Vulnerability Database (NVD) said in its explanation.
Fix the problem
As reported Hacker newsThe bug was first discovered by a security researcher at Google’s Threat Analysis Group (TAG), who did not detail the identities of the attackers and victims.
However, we know from previous reports that Google’s TAG team typically monitors state-sponsored threat actors. It is therefore reasonable to assume that this bug was exploited by actors such as North Korea, China, Russia or Iran. Lazarus Group (North Korea) and APT29 (Russia) have both been observed abusing Chrome vulnerabilities in the past.
This is the third type of confusion bug found in V8 this year, Hacker news added, after CVE-2025-6554 and CVE-2025-10585.
Since by default Google updates automatically on the next launch, users probably don’t need to do anything. However, if automatic updates are disabled, make sure to update the browser to versions 142.0.7444.175/.176 for Windows, 142.0.7444.176 for Apple macOS, and 142.0.7444.175 for Linux.
To check which version of Chrome you’re using, go to More > Help > About Google Chrome and select Relaunch.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
