Google on Wednesday issued security updates to address four weaknesses for the Chrome web browser, stating that it is said that the wild has been exploited.
There is zero-day vulnerability in question Cve-2025-10585Which is described as a type of confusion problem in the V8 JavaScript and Webassembly engine.
The weaknesses of confusion can have serious consequences as they can be armed by bad actors to trigger unexpected software behavior, resulting in arbitrary code and program crash.
The analysis of Google’s danger group (TAG) credited for discovering and reporting defects on 16 September 2025.
As it usually occurs, the company did not share any additional nuances about the misuse of vulnerability in real -world attacks, or on the scale of such efforts. This is done to prevent other danger actors from exploiting the issue before users can apply a fix.
“Google knows that an exploitation for CVE-2025–10585 is present in the wild,” it accepted in a consultant.
The CVE-2025–10585 Chrome has a sixth zero-day vulnerability that has been actively exploited or displayed as either a proof-off-concept (POC) since the beginning of the year. This includes: CVE-2025-2783, CVE-2025-4664, CVE-2025-5419, CVE-2025-6554, and CVE-2025-6558.
For protection against potential hazards, it is advisable to update their chrome browser to Windows and Apple MacoS in versions of 140.0.7339.185/.186, and 140.0.7339.185 for Linux. To ensure that the latest updates are installed, users can navigate on more> aid> about Google Chrome and select Relaunch.
Users of other chromium-based browsers, such as Microsoft Edge, Brave, Opera, and Vivaldi, are also advised to be available and when they become available.
