Google Issues Emergency Update For All Chrome Users—Attacks Underway

Google has issued an emergency update for all Chrome users, warning of a critical vulnerability that poses a significant threat to desktop browsers worldwide.

The update comes in response to the discovery of a Type Confusion flaw in V8, Chrome's underlying Java engine (CVE-2025-10585), which creates an exploit that can be used by attackers to destabilize the browser or system it is running on, and execute their own code. This vulnerability was reported by Google's own Threat Analysis Group just 48 hours ago, emphasizing the urgent nature of the update.

Google recommends upgrading all desktop browsers immediately to version 140.0.7339.185/.186. The update will download automatically to your device, and you will see a flag to restart once it is ready. It is essential to restart as soon as possible to enable the installation process. Unfortunately, private "incognito" tabs will not reopen after the update.

The zero-day vulnerability is one of four high-severity fixes in this update, all of which are critical and require immediate attention. Google has restricted access to bug details and links, indicating that more information about the issue will be available in the coming weeks – but for now, it remains highly targeted due to how it was disclosed.

Chrome and Edge, which run on the same Chromium base, can expect updates as well within the coming hours. Microsoft had previously advised Windows users to switch from Chrome to Edge for "secure browsing." However, with this critical vulnerability affecting both browsers, there is little difference between them in terms of security.

The rapid response from Google highlights the importance of keeping your browser up-to-date and demonstrates the company's commitment to protecting its users. As a user, it is crucial to prioritize your online safety and take immediate action to address this critical vulnerability.