India’s cybersecurity nodal agency, CERT-In, has issued a high-severity rating alert for users of Google Chrome in the country regarding several vulnerabilities present in the popular web browser. These bugs, found towards the end of October 2025, affect various Chrome desktop builds running on Windows, macOS, or Linux and may be exploited to remotely hijack machines, run malware, bypass security defenses, and otherwise pilfer personal information. The severe flaws include type confusion, policy bypass, use-after-free, and out-of-bounds read problems in multiple Chrome components, including the V8 JavaScript engine, Extensions, Media, and UI elements.
CERT-In has recommended that all desktop users update their Google Chrome browser to version 142 or later for secure browsing. CERT-In cautions users to install the updated version of Chrome to address the vulnerability that poses a potential cyber threat. Attackers could exploit this. Theynerabilitaddby tricking users into visiting a specially crafted, malicious web page to obtain unauthorized access or compromise data, the agency cautions.
Details of the Chrome Vulnerabilities
The vulnerabilities uncovered involve multiple components of the Chrome browser, including:
- Type Confusion in V8 (the JavaScript engine)
- Incorrect implementations in Extensions and App-Bound Encryption
- Use-after-free issues in PageInfo and Ozone rendering components
- Race Conditions in V8 and Storage
- Out-of-bounds read errors in V8 and WebXR
- Security UI inconsistencies in Omnibox, Fullscreen UI, and SplitView
- Policy bypasses vulnerabilities in Extensions
These problems allow hackers to run harmful code remotely, gain higher privileges, or leak private user data without permission.
Impacted Users and Risk
The alert targets all end-user organizations and individuals using Google Chrome on desktop platforms across India. The vulnerable versions identified are:
- Chrome versions before 142.0.7444.59 on Linux
- Chrome versions before 142.0.7444.59/60 on Windows and macOS
Users running these outdated versions face a high risk of cyberattacks, including remote code execution and data theft.
Recommended Actions for Users
CERT-In strongly advises updating Google Chrome to the latest stable version immediately. The update process is simple:
- Open Chrome on your desktop.
- Click on the three-dot menu at the upper-right corner.
- Navigate to Settings > About Chrome.
- Chrome will automatically check for updates and install the latest version.
- Restart the browser to complete the update.
This update will patch all known vulnerabilities and secure devices against ongoing threats.
Government and Industry Response
CERT-In, part of the Indian Ministry of Electronics and Information Technology, closely monitors security threats to browsers. Google has quickly released patches and offered bug bounties to researchers who found these serious security holes. This shows how seriously the company takes user safety.
Internet browsers are still a popular target for attackers because they can connect to and access sensitive personal and business information. Users are encouraged to stay alert and install security updates as soon as possible.
India’s high-risk alert for Google Chrome users is a strong cybersecurity warning that underscores the importance of keeping your software up to date to prevent bad actors from exploiting it. To protect their data and privacy from new cyber threats, Chrome users should make updating their browsers a top priority.