Alert GCSA-25121 - Vulnerabilita' in Google Chrome

Alert GCSA-25121 - Vulnerabilita' in Google Chrome

ottobre 30, 2025

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

******************************************************************

Alert ID: GCSA-25121
Data: 30 Ottobre 2025
Titolo: Vulnerabilita' in Google Chrome

******************************************************************

:: Descrizione del problema

E' stata identificata una vulnerabilita' in Google Chrome
che potrebbe essere sfruttate da un attaccante remoto
per rivelare informazioni riservate, eludere restrizioni di sicurezza
ed eseguire codice arbitrario su un sistema che ne sia affetto.

Maggiori informazioni sono disponibili alla sezione "Riferimenti".

:: Software interessato

Google Chrome versioni precedenti alla 142.0.7444.60 per Mac
Google Chrome versioni precedenti alla 142.0.7444.59 per Linux
Google Chrome versioni precedenti alla 142.0.7444.59/60 per Windows

:: Impatto

Remote Code Execution
Information Disclosure
Security Restriction Bypass
Spoofing

:: Soluzioni

Aggiornare alla versione piu' recente.

L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stata disattivata l'opzione "aggiornamento
automatico".

Gli utenti desktop possono verificare l'avvenuto aggiornamento
scegliendo dal menu (icona 3 punti verticali) la voce
Guida -> Informazioni su Google Chrome.

Per l'installazione manuale scaricare il software dal sito
ufficiale:

http://www.google.com/chrome/?hl=it

:: Riferimenti

Google Chrome Releases
https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12430
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12431
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12432
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12433
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12438
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12439
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12440
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12441
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12443
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12444
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12445
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12446
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12447

GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaQMfnA0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCp8UAnjqLQJM5cDsEvrLdWBqe+/WgnvlNAKC7vhly9/9n
gEqgYXGb8s4EFdwyZA==
=fSJ0
-----END PGP SIGNATURE-----