MS-ISAC consultancy number:
2025-031
Published date (s):
03/26/2025
PREVIEW:
A vulnerability has been discovered in Google Chrome, which could allow arbitrary Code execution. Successful exploitation of this vulnerability could allow arbitrary Code execution in the context of the registered user. According to the privileges associated with the user, an attacker could then install programs; Show, modify or delete data; Or create new accounts with complete user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
Threat intelligence:
Google is aware of the reports according to which a feat for CVE-2025-2783 exists in nature. Kaspersky researchers said the infection occurred immediately after the victim clicked on a link in a phishing email, and the attacker's website was opened using the Google Chrome web browser.
Affected systems:
- Chrome prior to 134.0.6998.177/.178 for Windows.
Large and medium government entities
Small government
Large and medium business entities
Small business entities
