For the sixth time this year, Google has issued a patch for a zero-day flaw in Chrome. According to Bleeping Computer, the emergency security update fixes a flaw that is currently being exploited by hackers in the wild.
As per usual, Google is not issuing any further details about the vulnerability at this time: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix… We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
The company did warn that this is a public exploit, which typically indicates that there has been active exploitation of the bug in the wild. In a security advisory released on Wednesday, Google stated that it is aware that an exploit for CVE-2025-10585 exists in the wild. The vulnerability is a high-severity zero-day caused “by a type confusion weakness in the web browsers V8 JavaScript engine” according to Google’s Threat Analysis Group.
The company mitigated the issue a day later by sending out a release for both the Windows/Mac and Linux versions of its browser. This version will roll out to Chrome's Stable Desktop channel in the coming weeks.
How to stay safe online
Chrome does of course automatically update when new security patches are available and users can trigger the process by going to the Chrome menu > Help > About Google Chrome. Then allowing the update to finish and clicking the relaunch button to make sure its installed immediately.
It's important to make sure that your software and operating systems are kept up-to-date, and you can always see if you can set them to update automatically in order to things easier for you. Many of the best antivirus software will also let you automatically schedule scans to help protect your system from malware and other viruses. When you install one, also make sure to set up all of the extra features like a VPN, a hardened browser or other protections that can keep you safe while browsing.
Given that Google patched a total of 10 Chrome zero-days last year, I doubt this one will be the last. This is why keeping your browser up to date and not ignoring updates when they become available is so important.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!
- Nearly 200,000 people hit in New York Blood Center data breach — names, IDs, SSNs and more exposed
- Samsung security flaw could let hackers remotely control your device — update your Galaxy phone right now
- Google just took down 224 malicious apps with 38 million installs in massive SlopAds fraud campaign — how to stay safe
