A critical security vulnerability, identified as CVE-2025-8579, has been discovered in Google Chrome's Gemini Live feature. This flaw, reported by security researcher Alesandro Ortiz on April 2, 2025, involves an inappropriate implementation within Gemini Live, potentially allowing unauthorized interactions or unexpected behaviors. While specific details of the vulnerability's exploitation have not been disclosed, it underscores significant security concerns for users of the affected versions.
Google has promptly addressed this issue by releasing a patch in Chrome version 139.0.7258.66 on August 1, 2025. Users are strongly advised to update their browsers to this latest version to mitigate any potential risks associated with this vulnerability.
Microsoft has also acknowledged this vulnerability, noting that its Chromium-based Edge browser ingests Chromium updates that address this issue. Users of Microsoft Edge should ensure their browsers are updated to the latest version to benefit from these security enhancements.
The Gemini Live feature, introduced to enhance user interaction through real-time AI assistance, has been a significant addition to Chrome. However, this incident highlights the importance of rigorous security assessments in the development of such features. Users are reminded to keep their software up to date and to stay informed about security advisories to maintain optimal protection against potential threats.
For more detailed information on this vulnerability and the corresponding updates, users can refer to the official advisories from Google and Microsoft.
Source: MSRC Security Update Guide - Microsoft Security Response Center
