About the Vulnerability
Introduction
Google Chrome is a web browser developed by Google. It is built on other open-source software, including WebKit, with the aim of enhancing stability, speed, and security, and providing a simple and efficient user interface.
Summary
On February 19, 2025, Sangfor FarSight Labs received notification of a buffer overflow vulnerability (CVE-2025-0999) in a Google Chrome component, classified as high in threat level.
A critical heap buffer overflow vulnerability exists in the V8 JavaScript engine of the Chrome browser. Attackers can exploit this vulnerability to execute arbitrary code and gain user system privileges, leading to a system compromise.
Affected Versions
Google Chrome < 133.0.6943.126
Solutions
Remediation Solutions
Check the System Version
To check the current version of Chrome, open the Chrome browser and click Settings > About Chrome.
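For checking many machines at once, the following added example (not part of the original advisory) compares reported Chrome version strings against the fixed build 133.0.6943.126 given above. The host names, sample version strings, and Linux binary names are assumptions constructed for illustration.

```python
import re
import shutil
import subprocess

# First fixed build per the advisory; anything below it is affected.
FIXED = (133, 0, 6943, 126)
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract a four-part version from e.g. 'Google Chrome 133.0.6943.98'."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def is_affected(text):
    """True if affected, False if patched, None if no version was found."""
    v = parse_version(text)
    # Integer tuples compare numerically, so .98 sorts below .126;
    # comparing the raw strings would wrongly rank "98" above "126".
    return None if v is None else v < FIXED

def triage(inventory):
    """Map host -> status for (host, reported version string) pairs."""
    labels = {True: "AFFECTED", False: "patched", None: "unknown"}
    return {host: labels[is_affected(s)] for host, s in inventory}

def local_version(candidates=("google-chrome", "google-chrome-stable")):
    """Version string of a local Linux install, or None.
    The binary names are assumptions; adjust for your distribution."""
    for name in candidates:
        path = shutil.which(name)
        if path:
            out = subprocess.run([path, "--version"], capture_output=True,
                                 text=True, timeout=10)
            return out.stdout.strip() or None
    return None

# Constructed sample inventory (hosts and versions are made up).
SAMPLE = [
    ("ws-01", "Google Chrome 133.0.6943.98"),
    ("ws-02", "Google Chrome 133.0.6943.126"),
    ("ws-03", "Google Chrome 132.9.9999.999"),
    ("ws-04", "Google Chrome 134.0.0.0"),
    ("ws-05", "chrome: not installed"),
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" returned no parseable version and need a manual check.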
Official Solution
Google has officially released a new version that fixes the vulnerability. Affected users are advised to update the Chrome browser to the following versions:
133.0.6943.126/.127 for Windows, Mac
133.0.6943.126 for Linux
Download link: https://www.google.cn/intl/zh-CN/chrome/
Timeline
On February 19, 2025, Sangfor FarSight Labs received notification of the Google Chrome browser buffer overflow vulnerability.
On February 19, 2025, Sangfor FarSight Labs released a vulnerability alert.
Reference
https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html