Google Chrome Zero-Day Vulnerability Exploited in Espionage Attacks
⚡ TL;DR | Go Straight to the Google Chrome 134 Vulnerability Audit Report
Google has released an urgent security update for Chrome 134 for Windows in response to a high-severity zero-day vulnerability. The vulnerability has already been exploited in the wild and is being used in espionage attacks. We have added a new report to Lansweeper to help you locate vulnerable Chrome installations.
Google Chrome 134 Vulnerability CVE-2025-2783
The update for Google Chrome addresses a single high-severity vulnerability tracked as as CVE-2025-2783. Google’s advisory describes the vulnerability as a case of “ncorrect handle provided in unspecified circumstances in Mojo on Windows”. As usual, Google hasn’t revealed any further details about the vulnerability or the nature of any known exploits, but it does confirm that the flaw has been exploited in the wild.
We do have more information from the Kapersky researchers who discovered the zero-day and are tracking its activity under the name “Operation ForumTroll” . Their report confirmed that the exploit uses this vulnerability to bypass Chrome sandbox protections and infect targets with malware. The vulnerability is known to be used in phishing attacks targetting Russian organizations for espionage goals.
Update Vulnerable Chrome Installations
This zero-day has been fixed in the new update for Chrome 134, that is version 134.0.6998.177/.178 for Windows. As always, Google is holding off on releasing further details until a majority of users has had a chance to update their installations. That way malicious actors won’t be able to leverage the additional information for further attacks.
Discover Vulnerable Chrome Installs
An updated Google Chrome audit report has been added to your Lansweeper installations to help you locate any vulnerable instances of Google Chrome in your network. This report will give you an actionable list of installations that haven’t been updated to the fixed version yet. You can get the report via the link below.
Ready to get started?
You’ll be up and running in no time.
Explore all our features, free for 14 days.