
Google has released a Stable Channel update for Chrome Desktop, rolling out version 137.0.7151.103/.104 for Windows and macOS, and 137.0.7151.103 for Linux. This update brings important security fixes, with a focus on addressing two high-severity vulnerabilities that could have allowed attackers to compromise user systems.
As is standard practice, Google has temporarily restricted access to technical details for these bugs to protect users until the majority have received the update.
The first vulnerability, CVE-2025-5958, is a use-after-free flaw discovered in Chrome’s media component. Reported by Huang Xilin of Ant Group Light-Year Security Lab, this vulnerability can be triggered when the browser attempts to use a media object that has already been freed from memory. Use-after-free issues are especially dangerous as they can lead to arbitrary code execution if exploited by attackers in a carefully crafted scenario—such as a malicious web page delivering malformed media content.
Google rated this issue as high severity and awarded an $8,000 bug bounty for the report, which was submitted on May 25, 2025.
The second vulnerability, CVE-2025-5959, is a type confusion flaw in V8, Chrome’s JavaScript engine. This issue was reported by Seunghyun Lee as part of the TyphoonPWN 2025 hacking competition held on June 4, 2025. Type confusion vulnerabilities occur when the browser misinterprets the type of an object during execution, which can be exploited to read from or write to arbitrary memory, ultimately enabling a sandbox escape or remote code execution.
Google classified the issue as high severity due to its potential impact on browser integrity and user safety.
Google advises all users to update Chrome Desktop to version 137.0.7151.103/.104 as soon as it becomes available. This update will be rolling out automatically over the coming days and weeks.
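For administrators who want to confirm the rollout across a fleet, the sketch below compares reported Chrome versions against the fixed build named above. It is an added example, not Google's tooling; the inventory rows, host names, and status labels are constructed for illustration.

```python
import re

# Minimum fixed build per platform, taken from the article
# (Windows and macOS may also report .104).
FIXED = {
    "windows": (137, 0, 7151, 103),
    "macos": (137, 0, 7151, 103),
    "linux": (137, 0, 7151, 103),
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Pull a four-part version out of strings such as
    'Google Chrome 137.0.7151.103' and return a tuple of ints, or None."""
    match = VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None

def classify(platform, version_text):
    """Return 'fixed', 'needs_update', or 'unknown' for one host."""
    fixed = FIXED.get(platform.lower())
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "unknown"
    # Tuple comparison is numeric per component, so .99 < .103
    # (a plain string comparison would get this wrong).
    return "fixed" if version >= fixed else "needs_update"

def audit(inventory):
    """Map each host that is not confirmed fixed to its status."""
    findings = {}
    for host, platform, version_text in inventory:
        status = classify(platform, version_text)
        if status != "fixed":
            findings[host] = status
    return findings

# Constructed sample inventory: (host, platform, reported version string)
SAMPLE_INVENTORY = [
    ("ws-001", "Windows", "137.0.7151.104"),
    ("ws-002", "Windows", "137.0.7151.99"),
    ("mac-01", "macOS", "Google Chrome 137.0.7151.103"),
    ("lnx-01", "Linux", "Google Chrome 136.0.0.0"),
    ("lnx-02", "Linux", "not installed"),
    ("ws-003", "Windows", "138.0.0.1"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` had no parseable version string and should be checked by hand rather than assumed to be up to date.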