The Indian Computer Emergency Response Team (CERT-In) has released a crucial advisory highlighting several serious security loopholes in Google Chrome for desktop systems. These flaws could potentially let attackers gain control over affected machines by executing arbitrary code remotely.
Dated May 16, 2025, the alert classifies the threat as high-risk. According to the advisory, cybercriminals can exploit these security weaknesses to compromise user devices by simply tricking individuals into opening a specially crafted malicious webpage.
The vulnerabilities stem from inadequate enforcement of certain policies in Chrome’s Loader component, as well as improper handling in Chrome’s Mojo system under undefined conditions.
CERT-In strongly recommends all Chrome users to update their browser without delay. The security patches addressing these vulnerabilities have been incorporated starting from Chrome version 136.0.7103.113. Users can install the update using Chrome’s internal update feature or refer to the Chrome Releases blog for more details.
Steps to Update Google Chrome:
Launch Chrome and click the three-dot menu icon in the upper-right corner.
Navigate to Help > About Google Chrome.
Chrome will automatically begin checking for updates and install the latest version if available.
Why This Matters — Key Dangers Include:
Unauthorized access to private and sensitive information
Potential corruption or malfunction of your computer
Infiltration of malicious software, including viruses and spyware
To protect your device and data, ensure that Chrome is updated immediately as advised by CERT-In.