CERT-In Issues Urgent Security Advisory Regarding Vulnerabilities in Google Chrome

Priyadharshini S January 30, 2025 | 01:00 PM Technology

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory for users of the Google Chrome browser on Windows PCs, Macs, and Linux devices, highlighting security vulnerabilities in older versions of the browser. A similar warning has been issued for Chromebook devices running outdated versions of ChromeOS.

Figure 1. CERT-In Issues Critical Security Alert for Google Chrome Vulnerabilities.

CERT-In has categorized these vulnerabilities as "High risk," cautioning that they could enable attackers to gain unauthorized access to sensitive user data, cause denial of service, and more by exploiting "specially crafted webpages." The advisory noted that both individual and organizational users could be affected. Figure 1 shows the CERT-In critical security alert for Google Chrome vulnerabilities.

Understanding the CERT-In Chrome Advisory

India's CERT-In, the national cybersecurity response agency, issues high-risk advisories to highlight immediate threats that require attention. Their recent advisory regarding Google Chrome has flagged multiple vulnerabilities that could be exploited by hackers to compromise system integrity. These vulnerabilities include:

  • Type Confusion in V8
  • Out-of-bounds memory access in V8
  • Out-of-bounds write in V8
  • Use after free in compositing

Google Chrome, widely used for its efficiency and cross-platform compatibility, can pose a significant security risk if left unpatched. CERT-In’s advisory urges users to take prompt action, not just by updating their browsers, but also by strengthening overall cybersecurity practices to safeguard against such vulnerabilities.

The Importance of Keeping Google Chrome Updated

It is crucial for all Chrome users to update to version 131.0.6778.264 immediately to address the CVE-2025-0291 vulnerability, which could allow malicious code execution if left unpatched. To manually update, go to the Help section in the Chrome menu, select "About," and the update will begin automatically. Be sure to restart your browser afterward to ensure the update takes effect.

Given the severity of this vulnerability, taking a proactive approach to updates is vital. Don’t rely solely on automatic updates—manually applying updates promptly is an essential part of maintaining strong cybersecurity practices and protecting system integrity.
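For administrators checking many machines, the following added example (not part of the CERT-In advisory or the original article) audits a browser inventory against the fixed version 131.0.6778.264 named above, and separates hosts that still need the update from hosts that are updated but have not restarted Chrome. The inventory layout, host names and sample version strings are constructed assumptions.

```python
import re

# Fixed version named in the article for CVE-2025-0291.
FIXED = (131, 0, 6778, 264)
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract a four-part Chrome version as a tuple of ints, or None."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(installed_text, running_text):
    """Return 'unknown', 'update', 'restart' or 'ok' for one host."""
    installed = parse_version(installed_text)
    running = parse_version(running_text)
    if installed is None or running is None:
        return "unknown"   # unparseable data is never treated as patched
    if installed < FIXED:  # numeric tuple compare: .99 sorts below .264
        return "update"
    if running < FIXED:    # patched on disk, old process still running
        return "restart"
    return "ok"

# Constructed inventory: (host, installed version string, running version)
SAMPLE_INVENTORY = [
    ("ws-001", "Google Chrome 131.0.6778.264", "131.0.6778.264"),
    ("ws-002", "Google Chrome 131.0.6778.99", "131.0.6778.99"),
    ("ws-003", "Google Chrome 131.0.6778.264", "131.0.6778.204"),
    ("ws-004", "Google Chrome 130.0.6723.117", "130.0.6723.117"),
    ("ws-005", "Google Chrome 132.0.6834.83", "132.0.6834.83"),
    ("ws-006", "", "131.0.6778.264"),
]

def audit(inventory):
    """Map each host to its remediation status."""
    return {host: classify(inst, run) for host, inst, run in inventory}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Comparing the versions as strings would rank 131.0.6778.99 above 131.0.6778.264 and report ws-002 as patched, which is why the check parses each component as an integer.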

Why This Matters for End-Users and Organizations

The vulnerabilities identified in Google Chrome not only affect individual users but also present significant risks to organizations that rely on the browser for daily operations. Hackers can exploit these flaws to compromise sensitive data, cause system crashes, or exfiltrate information, which could lead to financial losses and reputational harm.

CERT-In has stressed the urgency of taking immediate action to prevent exploitation. This is especially critical for organizations, where compromised systems can result in breaches of sensitive data, disruptions to business operations, or even compliance violations. By addressing these vulnerabilities promptly, both individual users and organizations can significantly reduce the risk of exploitation and safeguard their systems and data.

How Hackers Exploit These Vulnerabilities

Cybercriminals can take advantage of these vulnerabilities by crafting malicious websites or requests that specifically target the weak points in Google Chrome. For example:

  • Remote Code Execution (RCE): Attackers can execute harmful code on a victim’s device, potentially gaining full control of the system.
  • Denial of Service (DoS): Attackers can overwhelm a system with excessive requests, causing it to become unstable or crash.
  • Sensitive Data Theft: Exploiting these vulnerabilities could allow attackers to steal private information, such as passwords, financial details, or other personal data.

These types of attacks emphasize the critical importance of keeping browsers up to date. Outdated software is often the easiest target for hackers, making regular updates a crucial line of defense against exploitation.


Cite this article:

Priyadharshini S (2025), "CERT-In Issues Urgent Security Advisory Regarding Vulnerabilities in Google Chrome," AnaTechMaz, pp. 212
