1.0 Introduction
Google recently released a new Long-Term Support (LTS) to address multiple vulnerabilities in the ChromeOS devices.
2.0 Impact
These vulnerabilities could potentially be exploited by attackers to achieve arbitrary code execution, data corruption, or application crashes, especially through malicious web content.
3.0 Affected Products
- CVE-2025-6192 : Use after free in Profiler- High
- CVE-2025-5068 : Use after free in Blink- Medium
- CVE-2025-5281 : Inappropriate implementation in BFCache- Medium
- CVE-2025-6554 : Type Confusion in V8- Medium
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review
Google Chrome’s releases
for more information and apply the necessary updates. Users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly.
Users may refer the following URL for more information about the update:
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact the Cyber999 Incident Response Centre through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web:
https://www.cybersecurity.my/
5.0 References
- https://chromereleases.googleblog.com/
- https://chromereleases.googleblog.com/2025/07/long-term-support-channel-update-for.html
- https://www.cve.org/CVERecord?id=CVE-2025-6192
- https://www.cve.org/CVERecord?id=CVE-2025-5068
- https://www.cve.org/CVERecord?id=CVE-2025-5281
- https://www.cve.org/CVERecord?id=CVE-2025-6554