Google Rushes Critical Chrome Update Amidst Active Exploitation.
Google has swiftly released a crucial update for its Chrome web browser, addressing six security vulnerabilities, one of which, CVE-2025-6558, is currently being exploited in the wild. This high-severity flaw (CVSS score: 8.8) is described as an “incorrect validation of untrusted input in ANGLE and GPU” components. The nature of the exploit allows a remote attacker to potentially perform a sandbox escape simply by tricking a user into visiting a crafted HTML page, posing a significant risk for silent system compromise without any user interaction.
The vulnerability’s presence within ANGLE (Almost Native Graphics Layer Engine) is particularly concerning. ANGLE acts as a vital translation layer for Chrome’s rendering engine and device-specific graphics drivers. Exploiting flaws in this module can enable attackers to bypass Chrome’s robust sandbox security, typically designed to isolate the browser from the underlying operating system. This type of sandbox escape is rare but potent, as it grants attackers a powerful pathway to deeper system access, making it a prime target for sophisticated, targeted attacks.
The discovery and reporting of this zero-day vulnerability on June 23, 2025, are credited to Clément Lecigne and Vlad Stolyarov of Google’s renowned Threat Analysis Group (TAG).
While Google has confirmed the existence of an exploit for CVE-2025-6558 in the wild, the specific details of the attacks have not been publicly disclosed. However, the involvement of TAG in the discovery often suggests the possibility of nation-state actors being behind the exploitation attempts, underscoring the severity and targeted nature of the threat.
This latest patch comes just two weeks after Google addressed another actively exploited Chrome zero-day, CVE-2025-6554, also reported by Lecigne. With the inclusion of CVE-2025-6558, Google has now resolved a total of five zero-day vulnerabilities in Chrome since the beginning of 2025 that have either been actively exploited or demonstrated as a proof-of-concept. Other notable exploited flaws this year include CVE-2025-2783, CVE-2025-4664, and CVE-2025-5419, highlighting an ongoing and intensified threat landscape for the popular browser.
Users are strongly urged to update their Chrome browsers immediately to versions 138.0.7204.157/.158 for Windows and Apple macOS, and 138.0.7204.157 for Linux, to safeguard against these threats. This can be done by navigating to More > Help > About Google Chrome and selecting Relaunch. Users of other Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should also apply updates as soon as they become available. Staying vigilant against graphics driver flaws, privilege boundary bypasses, and memory corruption in rendering paths remains crucial for anticipating future vulnerabilities.
Reference:
