Critical Remote Code Execution Vulnerability Addressed in Chrome Security Update: Essential Patches Released

Google has issued an urgent security update for the Chrome browser across Windows, Mac, and Linux platforms, addressing a critical vulnerability that could enable attackers to execute arbitrary code remotely. Users are strongly advised to update their browsers immediately to safeguard against potential threats. The Stable channel has been updated to version 140.0.7339.127/.128 for Windows, 140.0.7339.132/.133 for Mac, and 140.0.7339.127 for Linux. This update is currently being rolled out and will be available to all users in the coming days and weeks. This patch follows the initial release of Chrome 140, which also addressed several other security issues.

The update resolves two significant security flaws, with the most severe being CVE-2025-10200, a critical “Use-after-free” vulnerability in the Serviceworker component. A use-after-free flaw occurs when a program attempts to use memory after it has been deallocated, potentially leading to crashes, data corruption, or arbitrary code execution. An attacker could exploit this vulnerability by creating a malicious webpage that, when visited, allows the attacker to run harmful code on the victim’s system. Security researcher Looben Yang reported this critical flaw on August 22, 2025, earning a bug bounty of $43,000. The second vulnerability, CVE-2025-10201, is a high-severity flaw related to an “Inappropriate implementation in Mojo,” which is crucial for inter-process communication within Chromium. This vulnerability was reported by Sahan Fernando and an anonymous researcher on August 18, 2025, with a $30,000 bounty awarded for their findings. Users can manually check for and apply the update by navigating to Settings > About Google Chrome, where the browser will automatically scan for the latest version. Google has restricted access to detailed information about the bugs to prevent potential exploits before the majority of users have installed the patch, underscoring the importance of applying security updates promptly. 

Categories: Security Update, Vulnerability Management, Browser Protection 

Tags: Chrome, Security, Update, Vulnerability, Attackers, Code Execution, Serviceworker, Mojo, Bug Bounty, Users