You are currently viewing Google Chrome Zero-day Vulnerability Actively Exploited in the Wild

Google Chrome Zero-day Vulnerability Actively Exploited in the Wild

  • Post author:
  • Reading time:3 mins read

Google has urgently released a security update for its Chrome browser to address a zero-day vulnerability, CVE-2025-6558, which is currently being exploited in the wild. This update also includes patches for two additional high-severity flaws—CVE-2025-7656 and CVE-2025-7657—making immediate action essential to keep systems secure.

Vulnerability Details
The primary zero-day, CVE-2025-6558, stems from incorrect validation of untrusted input in the ANGLE (Almost Native Graphics Layer Engine) and GPU components. By crafting specially designed graphics calls, an attacker can trigger out-of-bounds memory access, potentially leading to arbitrary code execution.

In the same update, Google has fixed two other critical issues:

  • CVE-2025-7656: An integer overflow in the V8 JavaScript engine, which could allow attackers to execute arbitrary code by overflowing internal counters.
  • CVE-2025-7657: A use-after-free in the WebRTC functionality, enabling remote code execution or browser crashes when handling malformed media streams.

Root Cause
These vulnerabilities arise from distinct flaws within Chrome’s graphics and scripting subsystems:

  1. ANGLE/GPU input validation (CVE-2025-6558): Improper checks on user-supplied graphics data.
  2. V8 integer overflow (CVE-2025-7656): Lack of bounds checking on arithmetic operations in the JavaScript engine.
  3. WebRTC use-after-free (CVE-2025-7657): Failure to manage object lifetimes correctly during media negotiation.

Impact & Exploit Potential

  • CVE-2025-6558: Actively exploited in the wild, this flaw poses an immediate risk. Successful exploitation can lead to full browser compromise and potentially sandbox escape.
  • CVE-2025-7656: Integer overflows can corrupt memory or hijack control flow, often resulting in arbitrary code execution.
  • CVE-2025-7657: Use-after-free bugs may allow attackers to run malicious code or crash the browser, disrupting availability.

Unpatched users remain vulnerable to targeted attacks, drive-by downloads, and malicious web pages designed to exploit these flaws.

Affected Products

  • Windows & macOS: Chrome versions prior to 138.0.7204.157/.158
  • Linux: Chrome versions prior to 138.0.7204.157

Chromium-based browsers (Microsoft Edge, Brave, Opera, Vivaldi, etc.) are also likely affected and should be updated when vendor patches become available.

Mitigation & Recommendations

  1. Update Chrome Immediately: Navigate to Help > About Google Chrome to trigger the update to 138.0.7204.157/.158 (Windows/macOS) or 138.0.7204.157 (Linux).
  2. Exercise Caution: Avoid opening untrusted links or visiting unfamiliar websites until fully patched.
  3. Monitor Chromium-based Browsers: Apply vendor updates for other browsers as they roll out fixes.

Instantly Fix Risks with Saner Patch Management
Saner patch management is a continuous, automated solution that instantly addresses risks exploited in the wild. It supports Windows, Linux, macOS, and 550+ third-party applications.

  • Safe Testing Area: Validate patches in an isolated environment before deployment.
  • Patch Rollback: Revert updates seamlessly in case of failure or system issues.

Experience the fastest, most reliable patching software here.