Google has released an urgent security update for its Chrome browser to address a high-severity vulnerability tracked as CVE-2025-11756. This critical flaw, located within Chrome’s essential Safe Browsing feature, could allow attackers to execute arbitrary code on users’ machines, posing a direct threat to system security and user data.
Details of the Critical Flaw
The vulnerability is identified as a use-after-free flaw. This memory corruption issue occurs when an application continues to use memory after it has been freed, leading to unstable behavior and the potential for malicious code injection. Since the flaw resides in the Safe Browsing component, which operates with elevated privileges to protect users from dangerous websites and downloads, its criticality is especially high.
Google's internal security classification rated the vulnerability as High severity. Successful exploitation could enable cybercriminals to gain unauthorized access to a user’s system, allowing them to install malware, steal data, or compromise user accounts.
Patch Rollout and Researcher Credit
The vulnerability was discovered and responsibly disclosed by security researcher “asnine” on September 25, 2025. The researcher received a $7,000 reward through Google’s bug bounty program for their efforts.
In response, Google released security patches via Chrome versions 141.0.7390.107/.108 for Windows and Mac and 141.0.7390.107 for Linux. The update began rolling out on October 14, 2025, and will continue to reach users globally over the coming days and weeks. To prevent active exploitation while users update, Google is temporarily restricting access to the technical details of the flaw. Users are strongly advised to update their browsers immediately to safeguard their systems against this actively managed threat.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
