Google has released an emergency security update for its Chrome browser after confirming that a serious vulnerability is being actively exploited in real-world attacks. The company acknowledged the threat on Wednesday but has withheld key technical details, describing the flaw as highly severe and raising concerns among cybersecurity experts.
The vulnerability has not yet been assigned an official CVE identifier and is currently being tracked internally by Google as “466192044.” According to the company, the patch was rushed out due to active exploitation, while coordination continues with cybersecurity authorities before formal classification.
What has drawn particular attention is Google’s unusual level of secrecy. In most cases, the company discloses at least the general nature of a flaw, such as a memory corruption issue or sandbox escape, while delaying deeper technical details. In this instance, Google has not even revealed the vulnerability category.
Despite the lack of official information, cybersecurity outlet The Hacker News linked the internal tracking number to a publicly visible bug report in the Chromium project. That report appears to reference ANGLE, Google’s open-source graphics translation layer used by Chrome on Windows to handle rendering. The linked GitHub discussion suggests the issue could involve a buffer overflow, a class of vulnerability that can lead to crashes or allow attackers to execute malicious code. Google has not confirmed this link and did not respond to requests for comment.
The security fix is now being rolled out across platforms. Updated versions include Chrome 143.0.7499.109 and .110 for Windows and macOS, and Chrome 143.0.7499.109 for Linux. While Google says the update will be deployed gradually over the coming days and weeks, some users have already received it.
Users can manually apply the update by going to Settings, selecting About Chrome, and clicking Relaunch. In many cases, Chrome will also install the patch automatically after a browser restart. Google has also made manual downloads available through its support channels.
Because Microsoft Edge is built on the Chromium engine, it is also affected by the vulnerability. Microsoft confirmed it is aware of the active exploits and said it is working on releasing its own security update.
Until the fixes are fully rolled out, millions of Chrome and Edge users could remain exposed, prompting security experts to urge immediate updates wherever possible.
