FREE TRIAL

Vulnerability

Google Issues Urgent Chrome 140 Update After Zero-Day Exploited in the Wild

2 min. read
19/09/2025
By Laura Libeer
chrome vulnerability

 TL;DR | Go Straight to the Google Chrome 140 Vulnerability Audit Report

On Wednesday, Google released emergency security updates for Chrome 140 addressing 4 high-severity vulnerabilities. One of these vulnerabilities tracked as CVE-2025-10585 has already been exploited in the wild and could lead to program crashes. We have added a new report to Lansweeper to help you locate vulnerable Chrome installations.

Google Chrome 140 Vulnerability CVE-2025-10585,

While this latest update for Google Chrome fixes 4 high-severity vulnerabilities, the main concern is with the one tracked as CVE-2025-10585. This zero-day vulnerability is described as a type confusion issue in the V8 JavaScript and WebAssembly engine. When successfully exploited, it could lead to program crashes or allow malicious actors to execute arbitrary code.

Google’s advisory confirms that they are aware of an exploit existing in the wild, but as usual, they are not releasing any further details about the nature of any known exploits, to avoid further exploitation.

The other vulnerabilities addressed in this update are:

  • CVE-2025-10500: Use after free in Dawn.
  • CVE-2025-10501: Use after free in WebRTC.
  • CVE-2025-10502: Heap buffer overflow in ANGLE

Update Vulnerable Chrome Installations

All 4 of these vulnerabilities have been fixed in the new update for Chrome 140, that is version 140.0.7339.185/.186 for Windows or Mac, or 140.0.7339.185 for Linux. As always, Google is holding off on releasing further details until a majority of users has had a chance to update their installations. That way malicious actors won’t be able to leverage the additional information for further attacks.

Discover Vulnerable Chrome Installs

Our team has put together an updated Google Chrome audit report that you can now find in your Lansweeper installation or in the report library. This report lets you easily locate any vulnerable instances of Google Chrome in your network and gives you an actionable list of installations that haven’t been updated to the fixed version yet. You can get the report via the link below.

Google Chrome 140 vulnerability audit report
Run the Google Chrome 140 Vulnerability Audit
NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.

TRY NOW TALK TO SALES