Google has rolled out an important security update for the Stable desktop channel, patching two high-severity vulnerabilities that expose users to potential memory corruption attacks. The release brings the browser to version 143.0.7499.146/.147 for Windows and Mac, and 143.0.7499.146 for Linux users.
With the update rolling out over the coming days, security experts are advising administrators and users to force the update immediately to mitigate the risks posed by flaws in the browser’s graphics and JavaScript engines.
This update addresses two specific “High” severity issues contributed by external researchers.
CVE-2025-14765: Use-After-Free in WebGPU
The most notable fix addresses a “Use After Free” (UAF) vulnerability within WebGPU, the next-generation graphics API for the web. UAF bugs are a class of memory corruption flaw where a program continues to use a pointer after the memory it points to has been freed. Hackers often exploit these errors to execute arbitrary code or crash applications.
Google awarded a $10,000 bounty to an anonymous researcher for reporting this flaw on September 30, 2025, underscoring its potential severity.
CVE-2025-14766: V8 Memory Corruption
The second patch targets V8, Google’s open-source high-performance JavaScript and WebAssembly engine. The vulnerability, described as an “Out of bounds read and write,” allows an attacker to read or modify memory outside of intended boundaries. In a browser context, this can typically be leveraged to escape the renderer sandbox or leak sensitive information.
This flaw was reported by security researcher Shaheen Fazim on December 8, 2025.
While Chrome updates automatically for many users, the severity of these memory safety issues warrants manual verification.
How to Update:
- Open Chrome and click the three-dot menu in the top-right corner.
- Navigate to Help > About Google Chrome.
- The browser will automatically check for updates and install version 143.0.7499.146+.
- Relaunch the browser to apply the fix.
System administrators managing enterprise fleets should ensure the new version is pushed to all endpoints immediately.
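For fleet verification, the check below is an added example, not Google's tooling or part of the original article. It compares reported versions numerically against the fixed build 143.0.7499.146 and separates endpoints that have the update on disk but have not relaunched; the inventory row layout, hostnames and sample versions are constructed assumptions.

```python
import re

# Fixed build named in the article (Windows and Mac may also report .147).
PATCHED = (143, 0, 7499, 146)
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Return the four-part version found in text as a tuple of ints, or None."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None

def classify(installed, running):
    """Classify one endpoint from its on-disk and in-memory Chrome versions."""
    disk, live = parse_version(installed), parse_version(running)
    if disk is None or live is None:
        return "unknown"
    # Tuples compare numerically per component; comparing the raw strings
    # would rank "143.0.7499.99" above "143.0.7499.146".
    if disk < PATCHED:
        return "outdated"
    # The update is on disk, but the old binary keeps running until relaunch.
    if live < PATCHED:
        return "relaunch_pending"
    return "patched"

def audit(inventory):
    """Group hostnames by status for a list of (host, installed, running) rows."""
    report = {"patched": [], "relaunch_pending": [], "outdated": [], "unknown": []}
    for host, installed, running in inventory:
        report[classify(installed, running)].append(host)
    return report

# Constructed sample inventory; hostnames and the row layout are hypothetical.
SAMPLE_INVENTORY = [
    ("win-001", "143.0.7499.147", "143.0.7499.147"),
    ("mac-002", "143.0.7499.146", "143.0.7499.40"),
    ("lin-003", "Google Chrome 143.0.7499.99", "Google Chrome 143.0.7499.99"),
    ("win-004", "142.0.0.0", "142.0.0.0"),
    ("lin-005", "", ""),
]

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```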