MS-ISAC consultancy number:
2025-018
Published date (s):
02/12/2025
PREVIEW:
Several vulnerabilities have been discovered in Google Chrome, the most serious of which could allow arbitrary code execution. The successful exploitation of the most serious of these vulnerabilities could allow arbitrary execution of code in the context of the connected user. According to the privileges associated with the user, an attacker could then install programs; Show, modify or delete data; Or create new accounts with complete user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
Threat intelligence:
There is currently no report of these vulnerabilities exploited in the wild.
Affected systems:
- Chrome prior to 133.0.6943.98/.99 for Windows and Mac
- Chrome prior to 133.0.6943.98 for Linux
Large and medium government entities
Small government
Large and medium business entities
Small business entities
