Chrome is under attack – you have 21 days to update.
Despite Microsoft’s efforts to push users aside, Chrome is the default browser for the overwhelming majority of Windows users. All of these users now have to update Chrome, after Google warned that a new zero -day exploitation has been found in the wild. An emergency update was released yesterday and must be installed immediately.
Vulnerability was discovered by Cappeaski This month, with the team’s warning of a “wave of infections from previously unknown and extremely sophisticated malware”. The attack comes through an e -mail link and “infection happens immediately”. In addition to clicking on the link, Kaspersky says: “No further action is required to be infected.”
Now America’s US Defense Service has issued its own warning for users to inform Chrome by April 17 “or to discontinue the use of the product” if they cannot. This command is formally applied to any federal employee but Cisa’s Guidance must be followed by all public and private organizations, large and small. The organization’s mission is “to help every organization better manage vulnerabilities and keep up with threat activity”.
Chrome’s fixed desktop for Windows has been informed in 134.0.6998.177/178 to patch cve-2025-2783. Check for this update now and once you download, make sure you reboot your browser to install Fix. Reports indicate that current attacks are extremely targeted, but now it has been corrected, you can expect the attacks to increase while still working. As always, an targeted exploitation finds his way to other hands quickly.
Kaspersky says that “this particular exploitation is definitely one of the most interesting we have encountered”, since “without doing something obviously malicious or forbidden, it allowed the attackers to bypass the protection of Google Chrome Sandbox as if it didn’t even exist.” And in terms of performance, Kaspersky says he can “conclude with certainty that a state -supported group is behind this attack”.
This current chain of attacks takes advantage of another that has not yet been specified. But informing Chrome stops attacks in each case.
