Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of Zero-Day Vulnerability in Google Chrome
Alerts

Active Exploitation of Zero-Day Vulnerability in Google Chrome

18 November 2025

Google has released security updates addressing a zero-day vulnerability in its Chrome browser.

Background

Google has released security updates addressing a zero-day vulnerability (CVE-2025-13223) in its Chrome browser.

Impact

Successful exploitation of the type confusion vulnerability in Google Chrome's V8 JavaScript and WebAssembly engine could allow an attacker to perform arbitrary code execution or crash the browser.

Affected Products

This vulnerability affects versions of Google Chrome prior to 142.0.7444.175/.176 for Windows, 142.0.7444.176 for Mac, and 142.0.7444.175 for Linux.

Known Exploitation

This vulnerability is reportedly being exploited in the wild.

Mitigation

Users of Chrome browsers are advised to upgrade their browser to the latest versions.

Users are also encouraged to enable automatic updates in their Chrome browser to ensure that their software is updated promptly.

References

https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html?m=1

https://nvd.nist.gov/vuln/detail/CVE-2025-13223

https://thehackernews.com/2025/11/google-issues-security-fix-for-actively.html

Back to top