ISLAMABAD: Google has released its second emergency security update in just one week, addressing a critical vulnerability that could put users at risk of remote code execution attacks.
The final patch aims to handle CVE-2025-12036, a high-risk bug in the V8 JavaScript engine of Chrome. The bug is such that the attackers can execute malicious scripts by merely making the victims access a compromised website; they do not have to do anything else.
Chrome developer Srinivas Sista verified that Google’s Big Sleep security product, which uses AI to discover bugs, discovered the issue.
Details on the bug remain under embargo until most customers have been patched. The update is being pushed across all platforms and will see users over the coming days and weeks.
How to Protect Yourself
Protecting your browser is easy. Update Chrome to 141.0.7390.122 or .123 on Windows and Mac, 141.0.7390.122 on Linux, and 141.0.7390.122 on Android.
Chrome updates automatically, but you can check by opening the settings menu and selecting “About Google Chrome.” This will make the browser go out and find an update, installing a newer version.
Make sure to reboot Chrome after updating, or the security patch won’t work. With the attacks already underway, it’s crucial to update as soon as possible to defend your devices and data.
