Google Releases Security Updates for Chrome

Security update addresses an exploited high severity vulnerability in Google Chrome for Windows

Threat ID:: CC-4639
Threat Severity:: Medium
Published:: 28 March 2025 3:04 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Security update addresses an exploited high severity vulnerability in Google Chrome for Windows

Affected platforms

The following platforms are known to be affected:

Versions: all prior to 134.0.6998.177/.178

Google Chrome

Chrome for Windows

Threat details

Exploitation of CVE-2025-2783

Google is aware that an exploit for CVE-2025-2783 exists in the wild.

Introduction

Google has released Chrome version 134.0.6998.177/.178 to address a high severity vulnerability, reported as exploited in the wild. A remote attacker could exploit this vulnerability to escape a sandbox via a malicious file.

Google is aware that an exploit for CVE-2025-2783 exists in the wild.

Remediation advice

Affected organisations are encouraged to review the Chrome Release 134.0.6998.177/.178 Stable Channel advisory and apply the update for the latest release.

Definitive source of threat updates

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

CVE Vulnerabilities

Status Published

CVE-2025-2783

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

Last edited: 28 March 2025 3:05 pm