Google Chrome Zero-Day Vulnerability - 20250617001

Overview

Chrome has released security updates to address a security flaw, whereby an inncorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows allowed a remote attacker to perform a sandbox escape via a malicious file.

What is vulnerable?

Product(s) Affected	Version(s)	CVE	CVSS	Severity
Google Chrome on Windows	versions prior to 134.0.6998.177	CVE-2025-2783	8.3	High

What has been observed?

The WA SOC has not received any reports of exploitation of this vulnerability on Western Australian Government networks at the time of writing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):

• Google Chrome Updates: https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

Additional References

• Securityonline: https://securityonline.info/team46-taxoff-exploits-google-chrome-zero-day-cve-2025-2783-in-sophisticated-phishing-campaign/