Google patches another worrying Chrome security flaw - so update now, or be at risk

A newly found Chrome zero-day is being exploited in the wild

· TechRadar

News By Sead Fadilpašić published 18 September 2025

(Image credit: Tada Images / Shutterstock)

  • Google patches four Chrome bugs, including actively exploited zero-day CVE-2025-10585
  • The zero-day is a type confusion flaw in V8 allowing potential arbitrary code execution
  • Chrome’s popularity makes it a prime target for cybercriminals exploiting browser vulnerabilities

Google has fixed four bugs found in its Chrome browser, including a zero-day that’s apparently being exploited in the wild.

In a security advisory, Google said it patched a heap buffer overflow in ANGLE (CVE-2025-10502), a user-after-free bug in WebRTC (CVE-2025-10501), and a separate use-after-free in Dawn (CVE-2025-10500). The fourth bug, the one being exploited as a zero-day, is a type confusion bug in V8.

A Type Confusion bug in Chrome’s V8 JavaScript engine is a memory safety issue which happens when the engine treats a variable or object as a different type than it actually is. This misidentification can lead to serious issues, including heap corruption and arbitrary code execution.

Abusing zero-days

This is the sixth zero-day vulnerability that Google patched in Chrome in 2025 alone.

In this case, Google said it didn’t want to share too many details before everyone patches up, to protect against further attacks.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the advisory reads. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

The flaw is now tracked as CVE-2025-10585, and is yet to receive a severity score. It is only described as a “high-severity” bug.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsors