- Google Chrome's unusual handling of the referrer policy opens a wide door to silent data siphoning
- CVE-2025-4664 shows that even trusted browsers are not immune to catastrophic zero-day vulnerabilities
- Cross-origin data is exposed if you have not updated Chrome or Chromium
A recently discovered zero-day vulnerability affecting both Windows and Linux systems could put thousands of Google Chrome and Chromium users at serious risk of data theft, experts have warned.
Wazuh researchers say the flaw, tracked as CVE-2025-4664, has already drawn urgent attention because it can leak sensitive cross-origin data, such as OAuth tokens and session identifiers, without any user interaction.
The flaw, identified in the Loader component of the Chrome and Chromium browsers, concerns how these browsers process the HTTP Link header for subresource requests such as images or scripts.
Chrome opening the door to data leaks
Unlike other mainstream browsers, Chrome honors the referrer policy directive of the Link header even for subresource requests.
This behavior allows a malicious site to inject a lax policy, such as unsafe-url, which effectively leaks full URLs, including sensitive data, to third-party domains.
This type of exploit bypasses conventional browser defenses and directly undermines common security assumptions in web infrastructure.
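An added example (not from the article or from Wazuh) of the kind of check a web proxy or response-inspection rule could apply: it parses HTTP Link headers and flags preload entries whose referrer policy forwards the full page URL to a cross-origin host. The header lines and hostnames are constructed; "no-referrer-when-downgrade" is flagged alongside the article's unsafe-url because it also forwards the full URL on HTTPS-to-HTTPS fetches.

```python
import re

# Referrer policies that forward the full page URL (path and query) to
# cross-origin subresource hosts. "unsafe-url" is the value named in the
# article; "no-referrer-when-downgrade" is added here (assumption beyond the
# article) because it also leaks the full URL on HTTPS-to-HTTPS fetches.
LEAKY_POLICIES = {"unsafe-url", "no-referrer-when-downgrade"}

# One Link entry: <target> followed by ";"-separated parameters, entries
# separated by commas. Quoted values containing ";" or "," are not handled.
_LINK_RE = re.compile(r'<([^>]*)>((?:\s*;\s*[^,;]+)*)')


def parse_link_header(value):
    """Split a Link header value into (target, {param: value}) entries."""
    entries = []
    for m in _LINK_RE.finditer(value):
        params = {}
        for part in m.group(2).split(";"):
            part = part.strip()
            if not part:
                continue
            key, _, val = part.partition("=")
            params[key.strip().lower()] = val.strip().strip('"').lower()
        entries.append((m.group(1), params))
    return entries


def find_leaky_preloads(headers):
    """Return (target, policy) for preload Link entries with a leaky referrer policy."""
    findings = []
    for name, value in headers:
        if name.lower() != "link":
            continue
        for target, params in parse_link_header(value):
            policy = params.get("referrerpolicy")
            if policy in LEAKY_POLICIES and "preload" in params.get("rel", "").split():
                findings.append((target, policy))
    return findings


# Constructed sample response headers (not captured traffic).
SAMPLE_HEADERS = [
    ("Content-Type", "text/html"),
    ("Link", '<https://cdn.example/img.png>; rel=preload; as=image; referrerpolicy="unsafe-url"'),
    ("Link", '<https://cdn.example/app.js>; rel=preload; as=script'),
    ("Link", '<https://fonts.example/f.woff2>; rel=preload; as=font; referrerpolicy=no-referrer'),
]

if __name__ == "__main__":
    for target, policy in find_leaky_preloads(SAMPLE_HEADERS):
        print(f"ALERT: preload of {target} with referrerpolicy={policy}")
```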
Wazuh states that it can detect and mitigate this flaw through its Vulnerability Detection module, which uses data from its Cyber Threat Intelligence (CTI) service to monitor software versions and raise alerts when vulnerable packages are found.
In a lab environment set up with the Wazuh OVA 4.12.0, security researchers demonstrated how Windows 11 and Debian 11 endpoints could be scanned to identify whether they were running vulnerable versions of Chrome or Chromium.
As shown on the Wazuh dashboard, users are advised to add a CVE-2025-4664 query to quickly isolate affected systems, with the module updating the vulnerability's status from “active” to “resolved” once the mitigation steps are verified.
Google has issued an emergency patch addressing the issue on Windows and Gentoo Linux systems. Users on these platforms are advised to update their browsers immediately.
For Chromium users on Debian 11, all versions up to 120.0.6099.224 remain vulnerable, and no updated package has yet been released. Users are encouraged to uninstall the browser until a patched version is available.
Despite these rapid actions, the broader concern remains: how can users and companies reliably protect themselves against browser-based zero-day exploits?
Applying patches is essential, but relying solely on browser updates can leave significant gaps. For this reason, it is recommended to use endpoint protection platforms, together with malware protection and antivirus solutions, to stay safe.
These tools provide layered defenses that go beyond browser vulnerabilities, offering real-time detection and containment of exploit attempts.