Request a Demo
Rewterz
Multiple Trend Micro Apex One Vulnerabilities
March 26, 2025
Rewterz
CVE-2025-22230 – VMware Tools Vulnerability
March 26, 2025

Google Patches Chrome Zero-Day Exploit in Active Attacks

Severity

High

Analysis Summary

Google has released an out-of-band fix for CVE-2025-2783, a high-severity Chrome vulnerability actively exploited in the wild. The flaw, linked to incorrect handle usage in Mojo on Windows, allows attackers to bypass Chrome’s sandbox protection. The vulnerability has been patched in Chrome version 134.0.6998.177/.178 for Windows.

Discovered by researchers on March 20, 2025, CVE-2025-2783 marks Chrome’s first known zero-day exploit of the year. The attacks, attributed to Operation ForumTroll, targeted media outlets, educational institutions, and government organizations in Russia.

The attack chain starts with phishing emails disguised as invitations from the Primakov Readings scientific forum. Victims clicking the links unknowingly trigger exploitation within Chrome, requiring no further action to become infected. Researchers believes a state-sponsored APT group is behind the attack.

The vulnerability is suspected to work alongside an additional exploit enabling remote code execution, but researchers has not yet obtained it. Given the sophistication of Operation ForumTroll, organizations are urged to update Chrome immediately to prevent potential compromise.

Impact

  • Security Bypass
  • Remote Code Execution

Indicators of Compromise

CVE

  • CVE-2025-2783

Affected Vendors

  • Google

Affected Products

  • Chrome 134.0.6998.177
  • Chrome 134.0.6998.178

Remediation

  • Refer to Google Chrome Website for patch, upgrade, or suggested workaround information.
  • Enable Enhanced Protection Mode in Chrome settings.
  • Avoid clicking links in unsolicited emails, especially from unknown senders.
  • Use endpoint protection solutions to detect and block exploits.
  • Implement sandboxing and application isolation to limit browser-based threats.
  • Regularly update operating systems and security patches.
  • Conduct security awareness training to prevent phishing attacks.
  • Monitor network activity for suspicious outbound connections.
  • Restrict execution of untrusted scripts and downloads.
  • Enable multi-factor authentication (MFA) to secure sensitive accounts.