
Google has rolled out a crucial security update to address a critical use-after-free vulnerability in the Lens feature of Chrome, tracked as CVE-2025-2476. The vulnerability, discovered and reported by security researcher SungKwon Lee of Enki Whitehat, poses a significant risk to users and has been fixed in the latest stable releases for Windows, Mac, and Linux.
The vulnerability, categorized as a ‘use-after-free’ issue, can allow an attacker to execute arbitrary code or potentially take control of a system if successfully exploited. However, Google has restricted access to specific bug details, stating: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.”
This practice helps prevent attackers from leveraging the vulnerability before most users have updated their browsers.
To mitigate the risk, Google has updated Chrome’s stable and extended stable channels:
- Stable Channel:
  - Windows & Mac: 134.0.6998.117/.118
  - Linux: 134.0.6998.117
- Extended Stable Channel:
  - Windows & Mac: 134.0.6998.89
These updates will roll out progressively over the coming days and weeks.
Given the severity of CVE-2025-2476, users are strongly advised to update their Chrome browser immediately to protect against potential exploits.
To check and apply updates:
- Open Google Chrome.
- Click on the three-dot menu in the upper-right corner.
- Navigate to Help > About Google Chrome.
- Chrome will automatically check for and apply the latest update.
- Restart your browser to complete the update process.
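For fleets where checking each browser by hand does not scale, the following added example (not from Google or the original article) classifies inventoried Chrome installations against the fixed builds listed above. The CSV inventory format, host names and sample versions are constructed assumptions; Linux extended stable is reported as unknown because the article lists no build for it.

```python
import csv
import io

# Fixed builds as listed in the article above, keyed by (channel, platform).
# Linux extended stable is not listed there, so it is deliberately absent.
FIXED_BUILDS = {
    ("stable", "windows"): (134, 0, 6998, 117),
    ("stable", "mac"): (134, 0, 6998, 117),
    ("stable", "linux"): (134, 0, 6998, 117),
    ("extended", "windows"): (134, 0, 6998, 89),
    ("extended", "mac"): (134, 0, 6998, 89),
}

def parse_version(text):
    """Turn '134.0.6998.117' into a comparable tuple; None if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(platform, channel, version):
    """Return 'patched', 'outdated' or 'unknown' for one installation."""
    fixed = FIXED_BUILDS.get((channel.strip().lower(), platform.strip().lower()))
    parsed = parse_version(version)
    if fixed is None or parsed is None:
        return "unknown"
    return "patched" if parsed >= fixed else "outdated"

def audit(inventory_csv):
    """Map each host in a host,platform,channel,version CSV to its status."""
    reader = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["platform"], r["channel"], r["version"]) for r in reader}

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE = """host,platform,channel,version
ws-01,windows,stable,134.0.6998.118
ws-02,windows,stable,134.0.6998.89
ws-03,windows,extended,134.0.6998.89
mb-01,mac,stable,133.0.6943.142
lx-01,linux,stable,134.0.6998.117
lx-02,linux,extended,134.0.6998.89
ws-04,windows,stable,134.0.6998
"""

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

The comparison is channel-aware on purpose: the same build number 134.0.6998.89 counts as outdated on the stable channel but as the listed fix on extended stable.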