Urgent Warning for Google Chrome Users on Windows and Mac: Critical Security Flaws Exposed by Government

By: Search More Team
Posted On: 27 January

India's cybersecurity watchdog, CERT-In, has raised a red flag for users of Google Chrome, urging them to act swiftly. The agency has identified two critical vulnerabilities in the popular browser that could put sensitive user data and devices at risk. This warning applies predominantly to those using Chrome on Windows and Mac desktops and laptops, with smartphone users largely unaffected. Here's everything you need to know about the threat and how to protect yourself.

What Are the Google Chrome Vulnerabilities?

CERT-In, the Computer Emergency Response Team of India, flagged two major vulnerabilities — CIVN-2025-0007 and CIVN-2025-0008 — which pose a significant threat to users. These vulnerabilities have been classified with severity ratings of "critical" and "high," underlining their dangerous potential.

- CIVN-2025-0007: This affects Chrome versions prior to 132.0.6834.83/8r on Windows and Mac.
- CIVN-2025-0008: This targets Chrome versions before 132.0.6834.110/111 on Windows and Mac, as well as versions before 132.0.6834.110 for Linux.

These vulnerabilities stem from various issues, including memory access errors, improper implementations in multiple features (like navigation and payments), integer overflow problems, and insufficient data validation in Chrome extensions.

How Can These Security Flaws Impact Users?

The potential consequences of these vulnerabilities are alarming. CERT-In detailed that:

CIVN-2025-0007 could allow remote attackers to:
- Execute arbitrary code on a user's device.
- Cause denial of service (DoS) conditions.
- Expose sensitive user data.
- Bypass essential security measures.

CIVN-2025-0008 has a similar impact, enabling hackers to:
- Execute malicious code remotely.
- Disrupt system operations via DoS conditions.

By exploiting these vulnerabilities, attackers can infiltrate systems and compromise sensitive data, leading to system instability and potential data exfiltration.

What Causes These Vulnerabilities?

According to CERT-In, the flaws in Google Chrome arise from multiple factors, including:

- Out-of-bounds memory access in the V8 engine, a core component of Chrome.
- Improper implementation in fullscreen and fenced frames, among other features.
- Integer overflow issues in Skia, a graphics library.
- Insufficient data validation in Chrome extensions.
- Stack buffer overflow and race conditions in Chrome's internal processes.

These issues provide attackers with avenues to exploit a system by crafting a malicious webpage or sending specially designed requests to targeted devices.

What Can You Do to Stay Safe?

The government has emphasized the need for immediate action to mitigate these risks. Here’s how you can protect yourself:

Update Your Google Chrome Browser: Ensure your browser is updated to the latest version:
- For Windows and Mac: 132.0.6834.110/111
- For Linux: 132.0.6834.110

Enable Automatic Updates: Allow Chrome to automatically update itself to stay ahead of potential vulnerabilities.

Be Cautious Online: Avoid clicking on suspicious links or visiting untrusted websites, as they could be used to exploit these vulnerabilities.

Monitor CERT-In Alerts: Keep an eye on advisories from CERT-In and other cybersecurity organizations to stay informed about the latest threats.
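For administrators applying the update step across many machines, the following added example (not from CERT-In, Google or the original article) checks reported Chrome version strings against the fixed builds quoted above and lists which advisory still applies to each host. The host names and inventory are constructed, and treating the lower build of each quoted pair (83 and 110) as the first fixed build is an assumption.

```python
import re

# First fixed builds, taken from the versions quoted in the article. Where the
# article gives a pair (e.g. 110/111) the lower build is used (assumption).
FIXED = {
    "CIVN-2025-0007": {"windows": (132, 0, 6834, 83), "mac": (132, 0, 6834, 83)},
    "CIVN-2025-0008": {"windows": (132, 0, 6834, 110), "mac": (132, 0, 6834, 110),
                       "linux": (132, 0, 6834, 110)},
}

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract a four-part Chrome version from free text, or return None."""
    m = VERSION_RE.search(text or "")
    return tuple(int(p) for p in m.groups()) if m else None

def open_advisories(platform, version_text):
    """Return advisories whose fixed build is newer than the installed one.

    Returns None when the version cannot be parsed, so unknown hosts are
    surfaced for manual review instead of being counted as patched.
    """
    installed = parse_version(version_text)
    if installed is None:
        return None
    return [adv for adv, fixed in FIXED.items()
            if platform in fixed and installed < fixed[platform]]

def audit(inventory):
    """Map each host to 'patched', 'unknown' or a list of open advisories."""
    report = {}
    for host, platform, version_text in inventory:
        hits = open_advisories(platform, version_text)
        report[host] = "unknown" if hits is None else (hits or "patched")
    return report

# Constructed sample inventory: (host, platform, reported version string).
SAMPLE = [
    ("ws-01", "windows", "Google Chrome 131.0.6778.265"),
    ("ws-02", "windows", "132.0.6834.84"),
    ("mb-01", "mac", "Google Chrome 132.0.6834.111"),
    ("lx-01", "linux", "Google Chrome 132.0.6834.83"),
    ("ws-03", "windows", "version unavailable"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(host, status)
```

Versions are compared as integer tuples because a plain string comparison would rank build 83 above build 110.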

Why You Should Take This Warning Seriously

With billions of users worldwide, Google Chrome is a critical tool for daily internet browsing. However, its widespread use also makes it a prime target for cybercriminals. Neglecting these vulnerabilities could expose individuals and organizations to significant risks, including data breaches, system malfunctions, and financial losses.