Update browser now! High-risk security flaws found in Google Chrome
What's the story
The Indian Computer Emergency Response Team (CERT-In) has released a high-risk security warning for Google Chrome users on macOS, Windows, and Linux.
The advisory, titled Vulnerability Note CIVN-2025-0024, details a number of security vulnerabilities in the desktop versions of Google Chrome.
If exploited by hackers, the flaws could lead to unauthorized access and execution of arbitrary code on targeted systems.
List
What are the security flaws in Chrome?
The critical security flaws flagged by CERT-In involve 'use after free' in Visual Studio (VS) and Navigation, improper implementation in the Browser UI, and out-of-bounds memory access in Chrome's V8 JavaScript engine.
Hackers can exploit these loopholes by luring users to malicious websites, and potentially taking control of their systems.
User impact
Potential risks of unpatched vulnerabilities
CERT-In warns that these vulnerabilities could have far-reaching consequences, especially for those who store sensitive information like passwords, financial data, and personal details in their browsers.
If not addressed quickly by updating the system, attackers could gain access to this critical information leading to higher risk of identity theft and fraud.
The high-risk vulnerabilities are mainly affecting users running outdated versions of Google Chrome on desktops.
Security measures
CERT-In and Google urge immediate browser update
As a precaution against these security vulnerabilities, CERT-In and Google are advising users to update their browsers to the latest stable version immediately.
You can do this by opening Chrome on your PC, clicking on the three-dot menu in the top-right corner of the browser, and heading over to Help > About Google Chrome, where Chrome will automatically check for updates and install the latest version.
A restart of the browser is required to apply these updates.
Extra precautions
Additional security measures recommended by CERT-In
Apart from updating Chrome, CERT-In recommends users to enable automatic updates to get the latest security patches on time.
Users are also advised against downloading unverified extensions that could exploit these security vulnerabilities.
Using strong, unique passwords and activating two-factor authentication (2FA) for added security is also recommended.
Staying vigilant against phishing emails and suspicious links that may try to exploit browser vulnerabilities is another recommended precautionary measure.