Alert Google Chrome users! Government warns of major security risk: How to protect your devices
CERT-In has issued a high-severity alert for Google Chrome desktop users, warning of security flaws in outdated versions. Vulnerabilities could allow cybercriminals to gain remote access. Users should update to the latest versions to protect against potential attacks exploiting these weaknesses.
The Indian Computer Emergency Response Team (CERT-In), under the Ministry of Electronics and Information Technology (MeitY), has released a high-severity alert for desktop users of Google Chrome. This advisory affects systems running on Windows, macOS, and Linux, and warns of significant security flaws in outdated versions of the browser. These vulnerabilities could potentially be exploited by cybercriminals to gain remote control over compromised devices.
According to the alert, Chrome versions prior to 136.0.7103.113 on Linux and versions prior to 136.0.7103.113 or 136.0.7103.114 on Windows and Mac are susceptible to exploitation. The flaws stem from weaknesses in two components of the browser: the Loader and Mojo. While the Loader suffers from insufficient policy enforcement, Mojo — which facilitates inter-process communication — has been flagged for improper handling. These loopholes could be exploited by attackers to execute arbitrary code, potentially compromising an entire system.
You may be interested in
40% OFF
Acer Chromebook 314 CB314 1H C884 (NX.HKDAA.005) Laptop (Celeron Dual Core/4 GB/64 GB SSD/Google Chrome)
Silver- 4 GB RAM
- 64 GB SSD
₹31990
₹52990Get This
Lenovo Ideapad Slim 3 (82KU017KIN) Laptop (AMD Hexa Core Ryzen 5/8 GB/512 GB SSD/Windows 11)
- Arctic Grey
- 8 GB RAM
- 512 GB SSD
₹36510
Check Details
HP 15s Eq2144AU (50M63PA) Laptop (AMD Hexa Core Ryzen 5/8 GB/512 GB SSD/Windows 11)
- Natural Silver
- 8 GB RAM
- 512 GB SSD
₹36499
Check Details
HP 14s Dy2506TU (546K2PA) Laptop (Core I3 11th Gen/8 GB/512 GB SSD/Windows 11)
- Natural Silver
- 8 GB RAM
- 512 GB SSD
₹37390
Check Details
What adds urgency to the advisory is the active exploitation of one of the vulnerabilities, identified as CVE-2025-4664. CERT-In notes that cybercriminals are already using this flaw in real-world attacks. The vulnerability can be triggered when a user is tricked into visiting a malicious website or clicking on a compromised link, enabling attackers to inject malware, steal personal data, or even crash the system.
Google has confirmed that the issues have been patched in the latest Chrome versions — 136.0.7103.113 and 136.0.7103.114 — which are being released through the browser’s Stable channel. Users are urged to update their browsers immediately to secure their systems against potential breaches.
Fortunately, updating Chrome is a straightforward process. Users can simply open the browser, click on the three-dot menu in the top-right corner, navigate to Help, and then select About Google Chrome. The browser will automatically check for available updates and install them. Restarting Chrome completes the update process.
CERT-In strongly advises all individuals and organisations using Chrome on desktop computers to ensure they are running the latest version as soon as possible. Prompt action could help prevent serious cyberattacks targeting known vulnerabilities already in circulation.
Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.