Google has officially released Chrome 142 to the stable channel, delivering critical security updates across Windows, Mac, and Linux platforms.
The rollout is currently underway and will reach all users within the next few days to weeks, providing essential protection against a range of newly discovered threats.
This latest version addresses 20 vulnerabilities, many of which could enable remote code execution and compromise user data and system integrity.
Chrome 142.0.7444.59 for Linux and Windows, and 142.0.7444.60 for Mac, represent a comprehensive security refresh that highlights Google’s commitment to maintaining browser security in an increasingly hostile threat landscape.
The update incorporates numerous fixes and performance improvements documented in the Chromium source repository, with enhancements spanning rendering engines, system stability, and user interface components.
Critical Vulnerabilities and High-Severity Fixes
The vulnerability landscape in Chrome 142 is dominated by high-severity issues, particularly within the V8 JavaScript engine where type confusion, race conditions, and inappropriate implementation flaws could lead to arbitrary code execution.
Media handling also receives significant attention, with fixes addressing object lifecycle issues that could facilitate unauthorized access.
Additionally, extensions framework vulnerabilities are patched to prevent policy bypasses that attackers could exploit to elevate privileges.
External security researchers contributed substantially to this release through Google’s Vulnerability Reward Program, with bounties ranging from $2,000 to $50,000 for significant findings.
Internal auditing processes and fuzzing tools, including AddressSanitizer and libFuzzer identified additional lower-severity issues affecting storage races, UI inconsistencies, and other stability concerns.
| CVE ID | Severity | Component | Description | Reporter | Bounty |
|---|---|---|---|---|---|
| CVE-2025-12428 | High | V8 | Type Confusion | Man Yue Mo (GitHub Security Lab) | $50,000 |
| CVE-2025-12429 | High | V8 | Inappropriate Implementation | Aorui Zhang | $50,000 |
| CVE-2025-12430 | High | Media | Object Lifecycle Issue | round.about | $10,000 |
| CVE-2025-12431 | High | Extensions | Inappropriate Implementation | Alesandro Ortiz | $4,000 |
| CVE-2025-12432 | High | V8 | Race Condition | Google Big Sleep | Internal |
| CVE-2025-12433 | High | V8 | Inappropriate Implementation | Google Big Sleep | Internal |
| CVE-2025-12036 | High | V8 | Inappropriate Implementation | Google Big Sleep | Internal |
| CVE-2025-12434 | Medium | Storage | Race Condition | Lijo A.T | $3,000 |
| CVE-2025-12435 | Medium | Omnibox | Incorrect Security UI | Hafiizh | $3,000 |
| CVE-2025-12436 | Medium | Extensions | Policy Bypass | Luan Herrera | $2,000 |
Security professionals strongly recommend enabling automatic updates to ensure immediate protection against exploitation attempts.
Users should verify installation status by navigating to chrome://settings/help, which displays the currently installed version and automatically checks for updates.
As browser-based attacks continue escalating through phishing campaigns and malware distribution, Chrome 142 reinforces security posture for billions of users worldwide and establishes a more resilient foundation for web browsing.
Cyber Awareness Month Offer: Upskill With 100+ Premium Cybersecurity Courses From EHA's Diamond Membership: Join Today
%20(1).webp?resize=1600,900&ssl=1&description=The rollout is currently underway and will reach all users within the next few days to weeks, providing essential protection against a range of newly discovered threats.){kind=link}