Google Chrome has once again come under scrutiny after the Indian Computer Emergency Response Team (CERT-In) issued a high-severity advisory warning millions of users of newly discovered security flaws. The alert affects Chrome users across Windows, macOS and Linux and marks the second major browser warning issued in India this month.

The vulnerabilities, if exploited, could allow attackers to remotely compromise devices simply by persuading users to visit a specially crafted webpage. Given Chrome’s widespread adoption across personal and enterprise systems, the advisory has triggered fresh concerns over digital security.

For additional cyber-safety updates, readers may explore:

What caused the Chrome security issue?

According to CERT-In, several complex and interlinked vulnerabilities have been identified within Chrome’s underlying systems. These include:

  • Type Confusion and Race conditions in the V8 JavaScript engine
  • Improper implementations in Google Updater, DevTools, Downloads, Split View, WebRTC, and Password Manager
  • Use-after-free flaws in Digital Credentials and Media Stream components
  • Bad cast issues in Loader

Together, these weaknesses could allow attackers to execute malicious code, steal data, or potentially take control of affected systems. The risks mirror those recently reported in Microsoft Edge, which operates on the same Chromium engine.

Who is affected?

Both individual users and organisations that rely on Chrome for secure browsing are at risk. The advisory lists the following versions as vulnerable:

  • Google Chrome prior to 143.0.7499.40/41 for Windows
  • Google Chrome prior to 143.0.7499.40/41 for macOS
  • Google Chrome prior to 143.0.7499.40 for Linux

Enterprises that deploy Chrome across workstations are particularly urged to verify all installations, as outdated versions may expose entire networks to coordinated attacks.

For context on the browser’s underlying architecture, readers may refer to:

What users should do now

Google is aware of the vulnerabilities and has already issued patched versions. CERT-In urges all users to update immediately to the latest available release.

How to update Chrome

  1. Open Chrome
  2. Click the three-dot menu (top-right corner)
  3. Go to Settings
  4. Select About Chrome
  5. Allow Chrome to check for updates and install the latest version

Restarting the browser ensures that security patches activate properly.

Why these updates matter

Browser vulnerabilities are among the most exploited entry points for cybercriminals. As Chrome is widely used for online banking, cloud services, office communication and business operations, a delay in installing updates significantly increases exposure to phishing, malware and data theft.

Regular patching remains the simplest and most effective defence against browser-based attacks. The latest advisory serves as a reminder that cybersecurity is a shared responsibility between developers, governments and users themselves