Heads Up Windows, Mac, Linux Users: High-Severity Chrome Flaw Patched By Google; Update Now
This vulnerability could result in complete account takeover if successfully exploited.
Google has issued an emergency security patch in order to fix a high-severity flaw in the Chrome web browser that could result in complete account takeover if successfully exploited. The critical security issue is one of four Chrome vulnerabilities that Google has released updates for.
Although it is unknown if this security issue has been utilised in attacks, the tech giant cautioned that it has a public exploit, which is how it typically alludes to active exploitation.
“Google is aware that knowledge of CVE-2025-4664 exists in the wild,” the company said in a recent security advisory on its website.
High-Severity Vulnerability In Google Chrome
Vsevolod Kokorin, a security researcher at Solidlab, reportedly found the flaw, which is defined as a lack of policy enforcement in Google Chrome’s Loader component that allows remote attackers to leak cross-origin data through malicious HTML pages.
“Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page,” read a description of the vulnerability, which was categorised as High in security severity with a CVSS score of 4.3.
Kokorin said that sensitive data can be leaked, leading to a full account takeover.
The new flaw follows a high-severity Chrome zero-day vulnerability (CVE-2025-2783) that was reportedly used to spread malware in espionage attacks and patched by Google in March. Attackers had utilised CVE-2025-2783 exploits in order to get around Chrome sandbox security and infect compromised targets with malicious software.
How To Protect Against Potential Malware
Google has reportedly resolved the issue in the Stable Desktop channel and is rolling out the patched Chrome versions to users globally.
Users can update Chrome manually or it can be set up to automatically check for updates and install them after the next launch.
Windows and Mac users should update their Chrome to version 136.0.7103.113/.114. Linux users are advised to update their Chrome to version 136.0.7103.113.
