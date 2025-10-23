In a rare move, Google has issued its second emergency update for Chrome within a single week, urging more than 3.5 billion users worldwide to update their browsers immediately. The latest patch targets a critical security vulnerability (CVE-2025-12036) capable of allowing remote code execution (RCE), a severe threat that could let attackers run malicious code simply by getting users to visit a compromised website.

The flaw, which resides in Chrome’s V8 JavaScript engine, is being tracked as CVE-2025-12036. According to Google, it could enable attackers to execute arbitrary code on vulnerable systems without requiring any further user interaction. This means a simple webpage visit could be enough to trigger an attack.

Srinivas Sista, a member of the Chrome security team, confirmed that the issue was discovered internally by Google’s AI-powered “Big Sleep” security system, a new automated resource trained to identify potential exploits faster than traditional methods.

Access to bug details and links may be kept restricted until a majority of users are updated with a fix, updates would be rolled out over the coming days and weeks.

This marks the second critical Chrome patch in less than seven days, a sign that Google’s security teams are racing to stay ahead of cybercriminals exploiting the browser’s most complex components.

Why This Vulnerability Matters

Chrome’s V8 engine is at the heart of how the browser processes JavaScript, the core code behind nearly all modern web pages. Any flaw in this engine opens the door to potential remote code execution, allowing hackers to install malware, steal data, or gain full control of a device.

Security experts have noted that zero-day vulnerabilities in V8 are particularly dangerous, as they are often targeted before patches are released.

How to Protect Your Browser Right Now

Google has released the patched versions of Chrome as follows:

Windows and macOS: version 141.0.7390.122/.123

Linux: version 141.0.7390.122

Android: version 141.0.7390.122

To update manually:

Open Chrome and go to Settings → Help → About Google Chrome.

Chrome will automatically check for updates and install the latest version.

Once installed, restart the browser to activate the patch.

Users should also ensure automatic updates are enabled and avoid visiting unfamiliar or untrusted websites until the update is confirmed applied.

A Growing Trend of Browser Exploits

This latest emergency patch comes on the heels of another Chrome update just days earlier, also issued to fix a zero-day exploit actively being used in the wild. The back-to-back updates suggest that Google’s threat detection systems are increasingly identifying vulnerabilities before attackers can exploit them widely.

What This Means for Users

While Google’s swift response is reassuring, it also signals the ever-increasing sophistication of browser-based attacks. The reliance on AI systems like Big Sleep to identify such flaws shows how the company is integrating machine learning into its frontline defense.

Chrome’s ubiquity means even a small fraction of unpatched systems could still provide ample opportunity for attackers. Cybersecurity experts estimate that with 3.5 billion active users, even 1% of unpatched browsers equates to 35 million vulnerable devices, a massive attack surface.

So if you haven’t updated Chrome yet, do it now. It might be the simplest cybersecurity move you make all week and potentially the most important.

