Google has issued an emergency update for Chrome to fix a serious vulnerability that’s already being exploited. This flaw, identified as CVE-2025-4664, impacts the Chrome Loader component, which helps manage how your browser fetches and displays website content. When this security feature fails, it can allow attackers to steal sensitive data like session tokens or authentication details—potentially granting them access to your accounts without you knowing.
The vulnerability arises from how Chrome handles Link headers and referrer policies. Under normal circumstances, your browser should prevent websites from accessing information meant for other websites. But in this case, an attacker can manipulate how resources are loaded to bypass those protections, putting your private data at risk.
To stay secure, make sure you’re running the latest version of Chrome: 136.0.7103.113 or .114, depending on your operating system. While Chrome typically updates automatically, it’s crucial to check manually if your browser has been open for a long time or if an extension has interfered.
You can manually check by going to Settings > About Chrome. If an update is available, Chrome will begin the process and prompt you to restart the browser to complete it.
Stay proactive—keeping your browser up to date is one of the simplest yet most powerful ways to protect your online security.