BSI warns: Google Chrome vulnerability allows code execution
Google has released an important security update for the Chrome web browser. The Federal Office for Information Security (BSI) is already warning urgently about risks and recommends immediate installation.
Urgent security update for Chrome
The update fixes several critical vulnerabilities that could potentially be exploited by attackers. Users should immediately install updates manually if automatic updates have not been set to protect their systems.
The stable channel has been updated to 131.0.6778.264/.265 for Windows, Mac and 131.0.6778.264 for Linux. All older versions are potentially at risk. Nothing is yet known about active exploitation of the vulnerabilities. Google Chrome has in its recent update According to its own information, there are a total of four security gaps closed.
Fear of remote exploitation
The Federal Office for Information Security (BSI) already has an official one Warning issued about possible security issues. According to the BSI, a remote, anonymous attacker could exploit the vulnerabilities to execute arbitrary program code or carry out other unspecified attacks. The risk was classified as high by the BSI, with a CVSS base score of 8.8. As always, most users receive security updates automatically.
Chrome has an integrated auto-update function, which usually brings the browser up to date in a timely manner. If you want to be sure that you have received the important security updates, you can manually check for updates in the browser settings. We have already made the latest version available in the WinFuture download area and linked it at the end of this article. Browser market infographic: The steep rise of Google Chrome
There are currently only a few details
In order not to provide potential attackers with detailed information, both Google and the BSI are holding back from providing precise information about the vulnerabilities. This practice is common in the IT security industry to give users time to install updates before exploits could become widespread. It is advisable for IT administrators and security-conscious users to regularly monitor the update history and security advisories of the browser manufacturers.
How urgent is the update? The BSI classifies the security risk as high, with a CVSS Base Score of 8.8. The vulnerabilities could be exploited by attackers to execute malicious code. Experts recommend installing the updates as soon as possible because the security vulnerabilities are already publicly known and pose a potential risk. What are the risks? The vulnerabilities may allow attackers to execute arbitrary code on affected systems.
The type confusion vulnerability in V8, which is listed under CVE-2025-0291, is particularly critical. How is the update done? The browser usually updates itself automatically. A browser restart is required to complete the installation. For a manual check, users can check for updates in the browser settings or download the current version directly. Which versions are affected? All Chrome versions prior to the current update are potentially affected.
The new secure version of Chrome is number 131.0.6778.264/.265 for Windows and Mac. Was the loophole exploited? Google is withholding details so as not to provide information to potential attackers. This is a common security practice. To date, no specific cases of attacks through these vulnerabilities have been publicly confirmed.
