Google Patches Chrome Sandbox Escape Zero-Day Caught By Kaspersky (securityweek.com)
(Wednesday March 26, 2025 @06:00AM (BeauHD)
from the time-to-update dept.)
- Reference: 0176825041
- News link: https://slashdot.org/story/25/03/26/0143210/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky
- Source link: https://www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
[1]wiredmikey shares a report from SecurityWeek:
> Google late Tuesday rushed out a patch for a sandbox escape vulnerability in its flagship Chrome browser after researchers at Kaspersky [2]caught a professional hacking operation launching drive-by download exploits. The vulnerability, tracked as [3]CVE-2025-2783, was chained with a second exploit for remote code execution in what appears to be a nation-state sponsored cyberespionage campaign dubbed [4]Operation ForumTroll targeting organizations in Russia.
>
> Kaspersky said it detected a series of infections triggered by phishing emails in the middle of March and traced the incidents to a zero-day that fired when victims simply clicked on a booby-trapped website from a Chrome browser. The Russian anti-malware vendor [5]said victims merely had to click on a personalized, short-lived link, and their systems were compromised when the malicious website was opened in Chrome. Kaspersky said its exploit detection tools picked up on the zero-day, and after reverse-engineering the code, the team reported the bug to Google and coordinated the fix released on Tuesday.
[1] https://slashdot.org/~wiredmikey
[2] https://www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
[3] https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
[4] https://securelist.com/operation-forumtroll/115989/
[5] https://securelist.com/operation-forumtroll/115989/
Sad reality (Score:2)
by Artem S. Tashkinov ( 764309 )
For years I've been thinking about moving my browsers into a VM, but I've never done it because the web has gotten so heavy that doing so will result in much higher CPU/RAM consumption, and what's worse, VMs don't support HW-accelerated video decoding, so this will be even worse.
I just hope I'll never be a target of such exploits and I'm under Linux which is being targeted less than e.g. Windows and MacOS.
Perhaps web browsers need to become virtual machines themselves.
Don't use Chrome (Score:2)
by bsdetector101 ( 6345122 )
Problem solved
A nice job by both (Score:2)
A nice job by both Kaspersky and Google.