Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Information:

  Google Chrome is a free, fast, and secure web browser developed by Google for accessing the internet and web-based applications on various devices, including desktop computers, smartphones, and tablets. Chrome currently has a large number of users.

Incident:

   Google has released emergency security updates for the Chrome web browser to patch CVE-2025-10585, which is being actively exploited in the wild. The vulnerability is described as a type confusion issue in the V8 JavaScript and WebAssembly engine, which attackers can weaponize to trigger arbitrary code execution. The flaw was discovered and reported by Google's Threat Analysis Group (TAG).

Recommendation:

  Users are strongly advised to update their Chrome browser immediately to version 140.0.7339.185/.186 (for Windows and macOS) and 140.0.7339.185 (for Linux) to mitigate this threat.

Security systems are important. We must stay attentive and keep monitoring as usual.

References:

- https://thehackernews.com/2025/09/google-patches-chrome-zero-day-cve-2025.html

Weekly Interesting CVE

No. 1
CVE Name: CVE-2025-9242
Published Date: 17/9/2025
Last Update: 18/9/2025
Device/Application/OS Target: WatchGuard Firebox
Attack Type: Remote Code Execution (RCE)
CVSS Severity Rating: 9.3
Detail: An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 and the Branch Office VPN using IKEv2 when configured with a dynamic gateway peer. This vulnerability affects Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.3 and 2025.1.
Solution: Update the WatchGuard Firebox firmware.
Reference: https://app.opencve.io/cve/CVE-2025-9242

No. 2
CVE Name: CVE-2025-49712
Published Date: 9/9/2025
Last Update: 19/9/2025
Device/Application/OS Target: Microsoft Windows (NTLM)
Attack Type: Elevation of Privilege (EoP)
CVSS Severity Rating: 8.8
Detail: Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
Solution: Windows Update
Reference: https://app.opencve.io/cve/CVE-2025-54918

No. 3
CVE Name: CVE-2025-29894
Published Date: 29/8/2025
Last Update: 19/9/2025
Device/Application/OS Target: Qsync Central
Attack Type: SQL injection
CVSS Severity Rating: 8.8
Detail: An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands.
Solution: We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 and later
Reference: https://app.opencve.io/cve/CVE-2025-29894

No. 4
CVE Name: CVE-2025-23011
Published Date: 13/1/2025
Last Update: 19/9/2025
Device/Application/OS Target: Fedora Repository 3.8.1
Attack Type: Code Execution (CE)
CVSS Severity Rating: 8.8
Detail: Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained.
Solution: Migrate to a currently supported version (6.5.1 as of 2025-01-23).
Reference: https://app.opencve.io/cve/CVE-2025-23011

No. 5
CVE Name: CVE-2024-9644
Published Date: 4/2/2025
Last Update: 19/9/2025
Device/Application/OS Target: Four-Faith F3x36 router using firmware v2.0.0
Attack Type: Improper Authentication
CVSS Severity Rating: 9.8
Detail: The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the "bapply.cgi" endpoint instead of the normal "apply.cgi" endpoint. A remote and unauthenticated attacker can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities.
Solution: Update to the latest version.
Reference: https://app.opencve.io/cve/CVE-2024-9644


Malware News or Campaign IOC/IOA | EN

No. 1
Campaign Name: New EDR-Freeze tool uses Windows WER to suspend security software
Detection Date: 22/09/2025
Attack Type: Defense evasion
Description: Security researcher TwoSevenOneThree (Zero Salarium) has presented a method and tool called EDR-Freeze, which demonstrates how to freeze security solutions such as EDR or antivirus for extended periods of time, in user mode only, by leveraging Microsoft's Windows Error Reporting (WER) system. It does not rely on BYOVD (Bring Your Own Vulnerable Driver) techniques, which involve stealthily installing drivers, changing the execution protection, and removing traces. EDR-Freeze does none of these things and works with pre-installed Windows components.

Researchers have published a tool that performs the above steps and tested it on Windows 11 24H2, successfully freezing Windows Defender.

Mitigation/Remediation:
  • Detect behavior where WER attempts to create dumps for sensitive processes.
  • There is a tool from researcher Steven Lim that maps WerFaultSecure calls to the Microsoft Defender process to help detect this behavior.
  • SOC teams should particularly monitor WER/MiniDumpWriteDump calls, PPL privilege usage, and suspend/resume activity of security processes.

Ref: https://www.bleepingcomputer.com/news/security/new-edr-freeze-tool-uses-windows-wer-to-suspend-security-software/
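
A sketch of the first two mitigation points above, correlating WerFaultSecure.exe launches with the security process they target. This is an added example, not code from this bulletin, the researchers, or Steven Lim's tool. Assumptions: process-creation events carry Sysmon-style fields (Image, CommandLine, ProcessId, ParentImage), the target PID appears on the command line as "/pid <number>", and the watchlist names and sample events are constructed for illustration.

```python
import re

# Assumption: names of security processes to watch (Microsoft Defender services).
WATCHLIST = {"msmpeng.exe", "mssense.exe"}
# Assumption: the dump target appears on the command line as "/pid <number>".
PID_ARG = re.compile(r"/pid\s+(\d+)", re.IGNORECASE)


def basename(path):
    """Lower-cased file name from a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def find_wer_dumps_of_security_processes(events, watchlist=WATCHLIST):
    """Flag WerFaultSecure.exe launches whose target PID is a watched process.

    `events` are process-creation records in time order.
    """
    pid_to_image = {}  # latest known image per PID (handles PID reuse)
    alerts = []
    for ev in events:
        image = basename(ev["Image"])
        pid_to_image[ev["ProcessId"]] = image
        if image != "werfaultsecure.exe":
            continue
        match = PID_ARG.search(ev["CommandLine"])
        if not match:
            continue
        target_pid = int(match.group(1))
        target_image = pid_to_image.get(target_pid)
        if target_image in watchlist:
            alerts.append({"wer_pid": ev["ProcessId"], "target_pid": target_pid,
                           "target_image": target_image,
                           "launched_by": ev["ParentImage"]})
    return alerts


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"ProcessId": 3120, "Image": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "CommandLine": "MsMpEng.exe", "ParentImage": r"C:\Windows\System32\services.exe"},
    {"ProcessId": 5500, "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": "notepad.exe", "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessId": 7001, "Image": r"C:\Windows\System32\WerFaultSecure.exe",
     "CommandLine": "WerFaultSecure.exe /pid 5500", "ParentImage": r"C:\Windows\System32\svchost.exe"},
    {"ProcessId": 7040, "Image": r"C:\Windows\System32\WerFaultSecure.exe",
     "CommandLine": "WerFaultSecure.exe /pid 3120", "ParentImage": r"C:\Users\Public\tool.exe"},
]

if __name__ == "__main__":
    for alert in find_wer_dumps_of_security_processes(SAMPLE_EVENTS):
        print(alert)
```

Only the last sample event is flagged: the earlier WerFaultSecure.exe launch targets a process that is not on the watchlist. The launched_by field gives the analyst the process to investigate.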

 

30 September 2025
