Google fixes six vulnerabilities in Chrome, one of which is actively exploited. Microsoft Edge will also need to follow.
Google is rolling out an emergency update for its Chrome browser. The update addresses six vulnerabilities that couldn’t wait for the release of Chrome 139 in August. It is recommended to update your browser as soon as possible.
One vulnerability is specifically highlighted in the overview: CVE-2025-6558. This bug causes the graphics library and GPU component to not perform checks on untrusted user input. Malicious code can thus pass through, and Google reports being aware of active exploitation of the vulnerability.
Google advises Chrome users to update their browser as soon as possible. Normally, this happens automatically the next time you open the browser. To be sure, you can check for available updates via the settings under About Chrome . The current stable version is 138.0.7204.157/.158 for Windows and Mac and .157 for Linux. The next release, Chrome 139, will roll out in early August.
Microsoft’s Move
Google has done its homework, but since the vulnerabilities are in the underlying Chromium system, other browsers using it must also roll out an update. These include Microsoft Edge, Brave, Vivaldi, and Opera.
read also
What is Chromium and how does it differ from Google Chrome?
The first three usually follow Google quickly with security updates. However, Opera is still a few versions behind and is still on Chromium 137, which was released in April. This means that newly discovered Chromium vulnerabilities have not yet been patched in Opera.