Google fixes eighth Chrome zero-day exploited in attacks in 2025

Google’s just dropped an emergency patch for the eighth Chrome zero-day vulnerability exploited in the wild this year, a sneaky buffer overflow in their LibANGLE library that could let attackers crash browsers, leak sensitive data, or even run malicious code on Windows, macOS, and Linux systems—specifically in the Metal renderer, which handles graphics translations for better performance. This high-severity flaw, tracked internally as 466192044, highlights how even Google’s open-source tech isn’t immune to real-world attacks, and it’s a stark reminder that SMBs and MSPs need to stay vigilant against these frequent threats. While the update is rolling out globally via Chrome’s auto-update feature, you might want to manually check for version 143.0.7499.109 (or .110 on macOS) right away to avoid waiting days for it to hit your devices. If you’re managing a small business or tech setup, remember that zero-days like this one often chain with other exploits, so pair this fix with strong endpoint security and regular scans to keep your operations humming. And hey, with seven other patches already this year targeting everything from account hijacks to sandbox escapes, it’s clear Chrome’s a moving target—don’t get caught flat-footed by skipping updates.

Source: https://www.bleepingcomputer.com/news/security/google-fixes-eighth-chrome-zero-day-exploited-in-attacks-in-2025/