Update your browser! Critical vulnerabilities found in Google Chrome
What's the story
The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk warning for Google Chrome's desktop users.
The warning follows the discovery of multiple critical vulnerabilities in the browser that could allow remote attackers to take over the system.
This security advisory is important for both individuals and organizations in the country and needs immediate action.
Security flaws
Exploitable vulnerabilities identified
As per CERT-In's vulnerability note CIVN-2025-0040, several security vulnerabilities have been identified in Google Chrome's codebase.
These include out-of-bounds reads in V8, PDFium, and Media, which could let attackers access sensitive data.
Other issues include improper limitation of a pathname in DevTools, use-after-free in profiles, and inappropriate implementation in Browser UI, Media Stream, Selection, and Permission Prompts.
Version details
Affected versions of Google Chrome
The vulnerabilities flagged by CERT-In are especially dangerous as they can be exploited remotely.
This could enable cyber attackers to steal information, run malicious code, or bypass security protections on targeted systems.
The following versions of Google Chrome are impacted by these vulnerabilities: versions prior to 134.0.0998.35 for Linux, versions earlier than 131.0.6998.35/36 for Windows, and versions prior to 134.0.6008.44/45 for Mac.
User action
Recommended security measures for users
To shield yourself from the risk of remote exploitation, we recommend updating Google Chrome right away.
Open the browser and click the three-dot menu in the top-right corner.
From there, go to Help > About Google Chrome, where the browser will automatically check for updates and install them.
Also, turn on automatic updates to get security patches as soon as Google releases them.