Google Chrome Zero-day Vulnerability Actively Exploited in the Wild

Google has urgently released a security update for its Chrome browser to address a zero-day vulnerability, CVE-2025-6558, which is currently being exploited in the wild. This update also includes patches for two additional high-severity flaws CVE-2025-7656 and CVE-2025-7657 making immediate action essential to keep systems secure.

Vulnerability DetailsThe primary zero-day, CVE-2025-6558, stems from incorrect validation of untrusted input in the ANGLE (Almost Native Graphics Layer Engine) and GPU components. By crafting specially designed graphics calls, an attacker can trigger out-of-bounds memory access, potentially leading to arbitrary code execution.

In the same update, Google has fixed two other critical issues:

• CVE-2025-7656: An integer overflow in the V8 JavaScript engine, which could allow attackers to execute arbitrary code by overflowing internal counters.
• CVE-2025-7657: A use-after-free in the WebRTC functionality, enabling remote code execution or browser crashes when handling malformed media streams.

Root CauseThese vulnerabilities arise from distinct flaws within Chrome’s graphics and scripting subsystems:

1. ANGLE/GPU input validation (CVE-2025-6558): Improper checks on user-supplied graphics data.
2. V8 integer overflow (CVE-2025-7656): Lack of bounds checking on arithmetic operations in the JavaScript engine.
3. WebRTC use-after-free (CVE-2025-7657): Failure to manage object lifetimes correctly during media negotiation.

Impact & Exploit Potential

• CVE-2025-6558: Actively exploited in the wild, this flaw poses an immediate risk. Successful exploitation can lead to full browser compromise and potentially sandbox escape.
• CVE-2025-7656: Integer overflows can corrupt memory or hijack control flow, often resulting in arbitrary code execution.
• CVE-2025-7657: Use-after-free bugs may allow attackers to run malicious code or crash the browser, disrupting availability.

Unpatched users remain vulnerable to targeted attacks, drive-by downloads, and malicious web pages designed to exploit these flaws.

Affected Products

• Windows & macOS: Chrome versions prior to 138.0.7204.157/.158
• Linux: Chrome versions prior to 138.0.7204.157

Chromium-based browsers (Microsoft Edge, Brave, Opera, Vivaldi, etc.) are also likely affected and should be updated when vendor patches become available.

Mitigation & Recommendations

1. Update Chrome Immediately: Navigate to Help > About Google Chrome to trigger the update to 138.0.7204.157/.158 (Windows/macOS) or 138.0.7204.157 (Linux).
2. Exercise Caution: Avoid opening untrusted links or visiting unfamiliar websites until fully patched.
3. Monitor Chromium-based Browsers: Apply vendor updates for other browsers as they roll out fixes.Explore more about the 3 CVEs mentioned above here

Instantly Fix Risks with Saner Patch ManagementSaner patch management is a continuous, automated solution that instantly addresses risks exploited in the wild. It supports Windows, Linux, macOS, and 550+ third-party applications.

• Safe Testing Area: Validate patches in an isolated environment before deployment.
• Patch Rollback: Revert updates seamlessly in case of failure or system issues.

Experience the fastest, most reliable patching software here.