- 260/2025
- High
Google has released an updated Chrome version “143.0.7499.40/41” for Windows, Mac, and “143.0.7499.40” for Linux.
The addressed vulnerabilities could allow the attacker to conduct denial-of-service attacks, perform spoofing attacks, exploit heap corruption via a crafted HTML page, bypass security restrictions, obtain sensitive information, gain elevated privileges, or gain access to the affected systems.
Sample of the addressed vulnerabilities:
1. Google Chrome Type Confusion in V8 Vulnerability (CVE-2025-13630):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Google Chrome Updater Inappropriate Implementation Vulnerability (CVE- 2025-13631):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Privilege
Vulnerabilities
- CVE-2025-13630
- CVE-2025-13631
- CVE-2025-13632
- CVE-2025-13633
- CVE-2025-13634
- CVE-2025-13635
- CVE-2025-13636
- CVE-2025-13637
- CVE-2025-13638
- CVE-2025-13639
- CVE-2025-13640
- CVE-2025-13720
- CVE-2025-13721
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.