Chrome 137 Comes With Security Fixes
and New Gemini Nano AI

Google Chrome 137 Stable Released

By Magic Actions - Wednesday, May 28, 2025. The Google Chrome team has released version 137 to the Stable channel for Windows, Mac, Linux, Android, and iOS. The latest version of Chrome includes new features, multiple security and bug fixes, and enhancements to stability and performance.

New Features and Changes in Google Chrome 137

Google Chrome 137 delivers a broad set of enhancements across AI, security, and user experience. A key highlight is the integration of Google's Gemini Nano AI large language model (LLM), which strengthens security by detecting tech support scams in real time. This on-device AI analyzes webpage content to identify fraudulent behavior.

Chrome also adds AI-powered autofill predictions, streamlining form completion with greater speed and accuracy. Additionally, for some users, Gemini is now embedded directly in Chrome, supporting AI-driven tasks and in-browser code editing through DevTools.

Chrome 137 introduces expanded customization options for managed profiles, allowing administrators to apply custom logos and labels. It also extends support for system accent colors in form elements to both Windows and ChromeOS. Additionally, a new toolbar toggle for Chromecast has been added for easier access.

The latest version of the Chrome web browser removes several legacy features, including the --load-extension command-line switch. It also enhances validation by disallowing spaces in non-file:// URL hosts.

Security Patches in Google Chrome 137

Chrome 137 includes patches for a total of 11 security vulnerabilities: two rated as high severity, five classified as medium risk, and four categorized as low-risk flaws. The most critical fixes in this release include:

Use-after-free in Compositing (CVE-2025-5063 Security severity: High) - This vulnerability enables a remote cyber attacker to compromise affected systems. It arises from a use-after-free error in Google Chrome's Compositing component. By creating a specially crafted web page and tricking a victim into visiting it, the attacker can trigger the error and execute arbitrary code on the target system. Successful exploitation may allow the attacker to take control of the compromised system.

Out-of-bounds write in V8 (CVE-2025-5280 Security severity: High) - This security vulnerability arises from a boundary error in V8 when processing untrusted HTML content. A remote attacker can create a malicious web page and trick a victim into opening it, triggering an out-of-bounds write that enables arbitrary code execution on the target system.

Background Fetch API flaw (CVE-2025-5064 Security severity: Medium) - This security bug allows a remote attacker to access sensitive information. It stems from an incorrect implementation of the Background Fetch API in Google Chrome. By crafting a malicious web page and tricking a victim into visiting it, an attacker can exploit the flaw to obtain confidential data.

Update Your Google Chrome Web Browser to the Latest Version

We recommend updating to Chrome 137 to take full advantage of the latest features and security improvements. While Chrome typically updates automatically, it's a good idea to manually check and verify that you're running the latest stable version by clicking the button below.

Verify and Update Your Chrome Browser

The current version of the Chrome web browser at the time of writing is:

• Chrome versions 137.0.7151.55 and 137.0.7151.56 on Windows and Mac
• Chrome version 137.0.7151.55 on Linux
• Chrome version 137.0.7151.44 on Android
• Chrome version 137.0.7151.51 on iOS

Related Topics

Virtual Keyboard for YouTube

A small window to the world, read all over