Google has released a critical emergency update for its Chrome browser, targeting more than 3 billion users worldwide. This measure responds to the detection of a zero-day vulnerability, identified as CVE-2025-5419, which is being actively exploited by cybercriminals.

What is CVE-2025-5419 and why is it so dangerous?

The CVE-2025-5419 vulnerability resides in Chrome's V8 JavaScript and WebAssembly engine. It is an out-of-bounds memory read and write flaw, allowing attackers to execute malicious code on your system simply by visiting a specially crafted web page.

This type of vulnerability is particularly serious because:

How to protect yourself?

Google has released version 137.0.7151.68/.69 for Windows and macOS, and 137.0.7151.68 for Linux, which fixes this and other vulnerabilities. While Chrome typically updates automatically, it's a good idea to manually verify that the update has been applied:

It's important to note that restarting your browser is essential for the update to take effect.

What happens if I don't update?

Not applying this update exposes you to significant risks:

This isn't the only vulnerability that's been fixed. Google has also addressed other security flaws, such as CVE-2025-5068, which affects the Blink rendering engine.

Online security is a shared responsibility. While developers are constantly working to fix vulnerabilities, it's essential that users keep their systems up to date. Don't put off this update; protecting your information and devices is in your hands.