Google Releases Urgent Chrome Update to Thwart Espionage Exploit

Google is offering an updated version of its Chrome browser to the masses after mending a grave security flaw said to be exploited in espionage.

“The Stable channel has been updated to 134.0.6998.177/.178 for Windows which will roll out over the coming days/weeks,” writes Srinivas Sista on the Google Chrome Releases blog. […] This update includes 1 security fix.”

At first glance, the release looks like a simple maintenance update. However, the single security fix in the advisory is, in fact, serious enough to warrant everyone’s attention.

A high-risk vulnerability

The flaw, tracked as CVE-2025-2783 and rated as a high-risk issue, is described as an “incorrect handle provided in unspecified circumstances in Mojo on Windows.”

“Google is aware of reports that an exploit for CVE-2025-2783 exists in the wild,” the advisory cautions.

Mojo is a collection of runtime libraries facilitating message-passing across arbitrary inter- and intra-process boundaries, according to the Chromium project documentation.

As is traditionally the case with exploited bugs, Google is keeping the technical details under wraps until most users are updated with a fix. However, those who discovered and reported the issue to Google make no secret of its severity.

Exploit allegedly used in espionage

Google credits Boris Larin and Igor Kuznetsov of Kaspersky as the researchers who reported the issue to the web giant about a week ago.

The duo reveals in a blog post that the issue has been exploited in “sophisticated” malware attacks likely used for espionage.

“Our research is still ongoing, but judging by the functionality of the sophisticated malware used in the attack, it seems the attackers’ goal was espionage,” Kuznetsov and Larin write. “The malicious emails contained invitations supposedly from the organizers of a scientific and expert forum, ‘Primakov Readings,’ targeting media outlets and educational institutions in Russia.”

Based on the content of the phishing emails, the researchers dubbed the campaign “Operation ForumTroll.”

According to the report, infection occurred immediately after victims accessed the tainted links from an unpatched Chrome browser, with no further action required to become infected.

The researchers found the exploit particularly interesting as it allowed attackers to “bypass Google Chrome’s sandbox protection as if it didn’t even exist,” [all]  “without doing anything obviously malicious or forbidden.”

Second zero-day flaw of the year

This release marks the second zero-day fix for Chrome this year, following reports that hackers were actively exploiting a GPU security weakness issue in the macOS version of Chrome.

The flaw, reported to Apple’s Security Engineering and Architecture team SEAR on March 5, is one of the key vulnerabilities patched by the Cupertino tech company in its own ecosystem, carrying a similar high-risk rating.

Update your Chrome browser!

If you’re a Chrome user on Windows, we recommend making this update a priority. Threat actors have been known to use such vulnerabilities in various campaigns, including in spyware attacks.

Even if you don’t consider yourself a target, Bitdefender recommends you deploy the latest updates for all your personal devices the moment they're available – especially when the vendor tags the addressed issues as potentially exploited in the wild.

As of today, Chrome users on Windows will want to be on version 134.0.6998.178 to make sure their browser is patched against other potential malicious campaign exploiting this flaw – now that the cat’s out of the bag.

Chrome is programmed to check for the latest version on every relaunch. If you haven’t closed Chrome in a while, you can start the process manually. Visit the three-dotted options menu, choose Settings -> About Chrome, and let the browser fetch the latest version from Google’s servers. When prompted, relaunch Chrome.

For peace of mind, consider running a dedicated security solution on all your personal devices.