CERT-In Issues Urgent High-Severity Alert for Google Chrome User
Millions of Google Chrome Users in India Urged to Update Immediately to Patch Critical Vulnerabilities
NEW DELHI- India’s cyber security watchdog, the Indian Computer Emergency Response Team (CERT-In), has sounded a high-severity alarm for Google Chrome desktop users across the country, warning of multiple critical flaws that could expose millions to remote attacks, data theft, and system compromise.
The advisory, flagged as a fresh high-risk warning, comes amid Chrome’s dominance in India’s digital landscape, where over 500 million users rely on the browser for daily browsing.
In a detailed vulnerability note released today, CERT-In highlighted exploits stemming from type confusion errors, race conditions, use-after-free bugs, and inappropriate implementations in Chrome’s core components, including the V8 JavaScript engine and extensions framework.
Also Read- Zubeen Garg Death Not Accidental, Claims Assam CM; Murder Probe Launched
These vulnerabilities, collectively rated at a CVSS score of 8.8 out of 10, could enable malicious actors to execute arbitrary code on affected devices simply by tricking users into visiting compromised websites—no user interaction required beyond loading the page.
The flaws primarily impact desktop versions of Google Chrome running on Windows, macOS, and Linux. Specifically, users with versions older than 142.0.7444.59 (Linux), 142.0.7444.59/.60 (Windows), or 142.0.7444.60 (macOS) are at immediate risk.
Also Watch- Viral Video: Woman in Labor Carried on Cart in UP’s Hamirpur
While no widespread exploitation has been reported yet, CERT-In emphasized that these zero-day-like vulnerabilities mirror patterns seen in past high-profile breaches, potentially allowing attackers to bypass sandbox protections, spoof identities, or siphon sensitive information like passwords and financial data.
“This is a high-risk scenario for Indian users, given Chrome’s market share exceeding 70% here,” said a CERT-In spokesperson in the advisory. “Immediate patching is non-negotiable to avert potential cyber threats that could disrupt services or lead to large-scale data leaks.”
Also Read- Nagaland’s BLF Wins Global Tourism Honour in London
The warning aligns with Google’s own stable channel update rolled out earlier this week, addressing the issues proactively.
Why This Matters for India’s Digital Ecosystem India’s burgeoning internet user base—now surpassing 900 million—makes it a prime target for cybercriminals. Chrome’s ubiquity, combined with rising phishing and malware campaigns, amplifies the stakes.
Earlier this year, a similar CERT-In alert in June prompted over 100 million updates within days, underscoring the urgency. Experts warn that unpatched systems could cascade into broader threats, including ransom ware or state-sponsored espionage, especially as remote work and online banking proliferate.
The advisory also nods to interconnected risks, noting that developers using platforms like GitLab—mentioned in a parallel CERT-In note—should cross-check for overlapping exposures. Globally, Chrome’s 3.5 billion users face the same peril, but CERT-In’s localized push targets India’s vulnerability to region-specific attacks, such as those exploiting local language lures or e-commerce sites.
How to Protect Yourself: Step-by-Step Guide CERT-In and Google recommend swift action to mitigate the risks:
Check Your Version: Open Chrome and navigate to Settings > About Chrome (or type chrome://settings/help in the address bar). If your version is below the thresholds mentioned, an update will auto-download.
Update Immediately: Click “Relaunch” after the download completes. For manual intervention, visit Google’s Chrome Releases page for the latest stable build.
Enable Auto-Updates: Ensure background updates are active under Settings > About Chrome > Additional Settings.
Additional Precautions: Avoid suspicious links, enable site isolation in Chrome flags (chrome://flags/#enable-site-per-process), and consider multi-factor authentication for linked accounts.
Users encountering issues post-update are advised to report via CERT-In’s portal at cert-in.org.in. As patches roll out weekly, CERT-In urges habitual checks to stay ahead of evolving threats.
This latest alert underscores the relentless pace of cybersecurity challenges in 2025, where browser flaws remain a gateway for sophisticated attacks. With Diwali festivities underway, Indian authorities are reminding netizens: A quick update could be the best gift to your digital security. For the full advisory, visit CERT-In’s vulnerability portal.
