The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology, has issued a high-severity cybersecurity alert for Google Chrome users across India.
The warning highlights multiple vulnerabilities that could allow remote attackers to steal sensitive data, bypass security protections, and gain unauthorised access to targeted systems.
The advisory, released on October 30, 2025, cautions that the vulnerabilities affect Google Chrome for desktop users on Windows, macOS, and Linux platforms.
What Is the Threat?
According to CERT-In, several vulnerabilities have been found in Google Chrome’s core components, including the V8 JavaScript engine, Autofill, Extensions, and Omnibox. These flaws could enable attackers to:
-
Execute arbitrary code remotely
-
Escalate privileges
-
Bypass security restrictions
-
Disclose sensitive information
-
Launch spoofing or phishing attacks
CERT-In notes that the vulnerabilities stem from multiple technical issues such as:
-
Type Confusion in V8
-
Inappropriate implementation in V8, Extensions, and Autofill
-
Race conditions in Storage and V8
-
Policy bypass in Extensions
-
Use-after-free and out-of-bounds read errors in PageInfo, Ozone, and WebXR
-
Incorrect security handling in Fullscreen UI, SplitView, and Omnibox
These issues could potentially allow a remote attacker to compromise a system, making it critical for users to update immediately.
Who Is at Risk?
Users running the following versions of Google Chrome are affected:
-
Linux: Versions prior to 142.0.7444.59
-
Windows and macOS: Versions prior to 142.0.7444.59/60
-
Mac: Versions prior to 142.0.7444.60
CERT-In has advised that all individual users, organisations, and IT administrators verify their browser version and take immediate action to secure their systems.
What Should You Do? (Security Fix)
CERT-In has strongly urged users to update Google Chrome immediately to the latest version released by Google.
Steps to update Chrome on Windows or macOS:
-
Open Google Chrome.
-
Click the three-dot menu (top right corner).
-
Navigate to Settings → About Chrome.
-
Chrome will automatically check for updates and install them.
-
Restart your browser to complete the update.
For Linux users, update Chrome through your package manager or via Google’s official Linux repository.
Why It Matters
Google Chrome remains one of the most widely used web browsers globally, with over a billion active users. Given its popularity in India, these vulnerabilities pose a nationwide cybersecurity risk. Updating to the patched version ensures protection against remote exploitation, data theft, and system compromise.
