- 270/2025
- High
Google has released an updated Chrome version 143.0.7499.109/.110 for Windows and Mac, and version 143.0.7499.109 for Linux.
The addressed vulnerabilities could allow the attacker to bypass security restrictions or execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website.
Sample of the addressed vulnerabilities:
Google Chrome Code Execution Vulnerability (CVE-2025-14372):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
It should be highlighted that Google is aware that the vulnerability tracked under the Chromium issue tracker ID “466192044” is being exploited in the wild. Google has not yet mentioned the CVE identifier, the affected component, or the nature of the flaw.
Vulnerabilities
- CVE-2025-14372
- CVE-2025-14373
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.