Chrome update closes actively attacked security vulnerability

Google updated the Chrome web browser overnight on Thursday. The update closes a security vulnerability that is already under attack.


Google updated the Chrome web browser overnight on Thursday. With the update, the manufacturer is also closing a security vulnerability that has already been attacked in the wild.

Google explains this in the version announcement. "Google is aware that an exploit exists in the wild," the developers write there. They provide an issue number but hold back any details about the vulnerability: they state only the risk classification, "high", and do not even name the affected browser component. There is apparently no CVE number yet either.

The release fixes two more vulnerabilities. Attackers can exploit a use-after-free vulnerability in the password manager; this class of flaw often allows the injection and execution of malicious code. Judging by the risk rating, however, this does not seem to be too easy (CVE-2025-14372, risk "medium"). Furthermore, malicious actors can apparently exploit an "inappropriate implementation" in the toolbar for unspecified malicious actions (CVE-2025-14373, risk "medium").

Chrome users should ensure that they are using the new software versions.

Google fixes the flaws in Chrome 143.0.7499.109 for Android, 143.0.7499.109 for Linux, and 143.0.7499.109/.110 for macOS and Windows. In addition, build 142.0.7499.235 for macOS and Windows is available as an Extended Stable version. Bug-fixed versions of browsers based on Chromium, such as Microsoft's Edge, are likely to be available shortly.

The version dialog reveals whether the software is already up to date. It is reached via the browser menu, which in Chrome opens with a click on the icon with the three stacked dots to the right of the address bar, and then via "Help" – "About Google Chrome".

If an update is available, opening the version dialog starts the update process and then prompts for the necessary browser restart. On Linux, it is usually necessary to use the distribution's own software management for the update.
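For checking more than one machine, the version comparison can be scripted. The following is an added example, not code from Google or heise: it compares reported version strings against the fixed builds named in the article. The inventory format, host names and sample version strings are constructed for illustration.

```python
import re

# Minimum fixed builds as stated in the article, keyed by (platform, channel).
FIXED = {
    ("android", "stable"): "143.0.7499.109",
    ("linux", "stable"): "143.0.7499.109",
    ("macos", "stable"): "143.0.7499.109",
    ("windows", "stable"): "143.0.7499.109",
    ("macos", "extended"): "142.0.7499.235",
    ("windows", "extended"): "142.0.7499.235",
}
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

# Constructed inventory: host,platform,channel,reported version string.
INVENTORY = """\
ws-01,windows,stable,Google Chrome 143.0.7499.110
ws-02,windows,stable,Google Chrome 143.0.7499.99
mac-07,macos,extended,Google Chrome 142.0.7499.235
lnx-03,linux,stable,Google Chrome 142.0.7444.175
kiosk-9,linux,stable,chrome: command not found
"""

def parse_version(text):
    """Return the first four-part version in text as a tuple of ints, or None."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def assess(platform, channel, version_output):
    """Classify one installation as 'patched', 'outdated' or 'unknown'."""
    fixed = FIXED.get((platform.lower(), channel.lower()))
    installed = parse_version(version_output)
    if fixed is None or installed is None:
        return "unknown"  # no fixed build listed, or unparseable output
    # Compare numerically: as strings, "99" would sort after "109".
    return "patched" if installed >= parse_version(fixed) else "outdated"

def audit(inventory_text):
    """Return (host, status) for every line of the inventory."""
    results = []
    for line in inventory_text.strip().splitlines():
        host, platform, channel, output = line.split(",", 3)
        results.append((host, assess(platform, channel, output)))
    return results

if __name__ == "__main__":
    for host, status in audit(INVENTORY):
        print(f"{host:8} {status}")
```

Hosts reported as "unknown" need a manual look, since the script cannot tell a missing browser from an unrecognised platform or channel.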

Most recently, in mid-November, Google had to fix a Chrome vulnerability that was already under attack from the internet.

(dmk)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.