If you are using Google Chrome on macOS, Windows, or Linux, it is crucial to update your browser immediately. The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk security warning highlighting multiple vulnerabilities in the browser. Identified as Vulnerability Note CIVN-2025-0024, these security flaws could allow hackers to execute arbitrary code on targeted systems, gain unauthorized access, and potentially take full control of affected devices. This puts not only personal users but also businesses and government institutions at risk of cyberattacks, data breaches, and financial fraud.
CERT-In has detailed that these vulnerabilities arise due to critical weaknesses in Chrome’s architecture. The flaws include "use after free" issues in Visual Studio (VS) and Navigation, inappropriate implementation in the Browser UI, and out-of-bounds memory access in Chrome’s V8 JavaScript engine. If left unpatched, these loopholes provide cybercriminals with an entry point to exploit systems by tricking users into visiting maliciously crafted websites. Once users land on these infected sites, attackers can inject malware, steal sensitive information, crash entire systems, and even launch large-scale cyberattacks targeting businesses and organizations.
These vulnerabilities are particularly dangerous for individuals who store passwords, financial details, and personal data in their browsers. If not addressed promptly, hackers could gain access to these credentials, leading to severe consequences such as identity theft, unauthorized transactions, and confidential data leaks. Additionally, enterprises that rely on Chrome for daily operations could experience operational disruptions, financial losses, and reputational damage if their systems are compromised.
Who is affected?
CERT-In has confirmed that the vulnerabilities impact users running outdated versions of Google Chrome. The affected versions are as follows:
If you are using any of these outdated versions on your device, you are at high risk of cyberattacks. The risk is not limited to individual users but extends to corporations, financial institutions, and government agencies relying on Chrome for secure browsing, work-related tasks, and online transactions.
Steps to protect your system
CERT-In, along with Google, has strongly recommended that all users update their browsers immediately to patch these security vulnerabilities. To ensure your system remains protected, follow these steps:
- Open Google Chrome on your desktop or laptop.
- Click on the three-dot menu in the upper-right corner of the browser window.
- Go to Help > About Google Chrome.
- Chrome will automatically check for updates and install the latest version if available.
- Restart your browser to apply the security patches effectively.
For additional security, users are encouraged to visit Google’s official Chrome release page to manually verify the latest security patches and download them if necessary. Keeping your browser updated ensures that you are protected against evolving cyber threats and enhances overall online safety.
