Skip to main content

Google Patches Actively Exploited Chrome Vulnerability in Latest Update

Google has rolled out Chrome version 134.0.6998.177/178 for Windows, addressing a high-risk security vulnerability that has already been exploited by malicious actors. However, Chrome updates for macOS, Linux, and Android have yet to be announced, leaving users on those platforms waiting for a security patch. Given the severity of the flaw, developers of other Chromium-based browsers, such as Microsoft Edge, Brave, and Vivaldi, are expected to release their own updates soon.

CVE-2025-2783: A Critical Mojo Vulnerability

In a Chrome Releases blog post, Google engineer Srinivas Sista identified the patched vulnerability as CVE-2025-2783, an exploitable bug in Mojo—a collection of runtime libraries used for inter-process communication. This issue was first reported to Google on March 20th by security experts Boris Larin and Igor Kuznetsov from Kaspersky. Given its classification as a high-risk flaw, the update is considered urgent.

Google has confirmed active exploitation of this vulnerability, suggesting that attackers have already been using it in real-world attacks. While the full details of the exploit remain undisclosed, the fact that the update has only been released for Windows implies that Windows systems are the primary targets.

Chromium-Based Browsers Must Follow Suit

With Google patching the flaw in Chrome, developers of other browsers built on Chromium must now follow suit. Microsoft Edge, Brave, and Vivaldi are expected to push updates soon, while Opera remains behind on Chromium version 132, raising concerns about its security posture.

The Importance of Additional Security Measures

This latest vulnerability underscores the ever-present risks of cyber threats, where attackers can exploit flaws before developers even become aware of them. While Chrome typically updates automatically, users can manually check for updates via Help > About Google Chrome. Chrome 135 is set to arrive next week, but until then, Windows users should ensure they are running the latest version.

Furthermore, this incident highlights the need for strong antivirus software as an extra layer of protection. Even with frequent security updates, zero-day vulnerabilities remain a serious risk, making it crucial to have reliable security software in place to protect against potential exploits.