The Indian Computer Emergency Response Team (CERT-In), the nation's cybersecurity watchdog, has issued a high-severity warning concerning security vulnerabilities in the Google Chrome browser for users of Windows, macOS, and Linux systems. These vulnerabilities could allow attackers to compromise user data and devices. CERT-In has advised users to immediately apply necessary security patches and update their Chrome browser to mitigate these risks.
Vulnerabilities
CERT-In has identified specific vulnerabilities in Google Chrome.
- CIVN-2025-0007 and CIVN-2025-0008: Reported in January 2025, these vulnerabilities have severity ratings of "critical" and "high," respectively. CIVN-2025-0007 affects Google Chrome versions before 132.0.6834.83/8r (on Windows/Mac), while CIVN-2025-0008 affects versions before 132.0.6834.110/111 on Windows and Mac and versions before 132.0.6834.110 on Linux.
- CIVN-2025-0099: Reported in May 2025, this vulnerability affects Chrome versions prior to 136.0.7103.113/.114 for Windows and Mac, and versions prior to 136.0.7103.113 for Linux.
How the Vulnerabilities Can Affect Users
- CIVN-2025-0007: This vulnerability includes multiple flaws that could allow a remote attacker to execute arbitrary code, cause denial-of-service conditions, disclose sensitive information, and bypass security restrictions on the targeted system. These flaws exist due to out-of-bounds memory access in V8; inappropriate implementation in navigation, fullscreen, fenced frames, payments, extensions and compositing; an integer overflow in Skia; an out-of-bounds read in metrics; a stack buffer overflow in Tracing; and a race condition in Frames.
- CIVN-2025-0099: This vulnerability stems from inadequate policy enforcement in the browser's Loader component and improper management in Mojo, which handles inter-process communication in Chrome. An attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted webpage. Successful exploitation could allow a remote attacker to execute arbitrary code on the targeted system.
Risks
Attackers are already exploiting some of these vulnerabilities in the wild. Exploitation of these flaws could lead to unauthorized access to or exposure of sensitive data, data exfiltration, remote code execution, denial of service, and browser or system instability.
Mitigation
CERT-In stresses the importance of installing the latest security patches, which Google has already rolled out for affected Chrome versions. Users should update to the most recent version of Chrome to protect themselves from potential cyber threats and ensure data safety. The advisory warns that certain security flaws in older versions of the browser could allow attackers to remotely take control of a user's computer.
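For administrators who need to confirm that the update has landed across a fleet, the following added example (not part of the CERT-In advisory or of Chrome) compares reported Chrome version strings against the fixed builds quoted above. The inventory format, hostnames and function names are assumptions made for illustration.

```python
import re

# First fixed builds as quoted in the article. Where it gives a pair such as
# ".110/111", the lower build is used as the minimum (assumption). The article
# gives no Linux figure for CIVN-2025-0007, so Linux is omitted for it.
FIXED_IN = {
    "CIVN-2025-0007": {"windows": "132.0.6834.83", "mac": "132.0.6834.83"},
    "CIVN-2025-0008": {"windows": "132.0.6834.110", "mac": "132.0.6834.110",
                       "linux": "132.0.6834.110"},
    "CIVN-2025-0099": {"windows": "136.0.7103.113", "mac": "136.0.7103.113",
                       "linux": "136.0.7103.113"},
}
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract a four-part Chrome version as a tuple of ints, or None."""
    m = _VERSION_RE.search(text)
    return tuple(int(p) for p in m.groups()) if m else None

def affected_advisories(platform, version_text):
    """Return advisory IDs whose fixed build is newer than the installed one."""
    installed = parse_version(version_text)
    if installed is None:
        raise ValueError(f"no Chrome version found in {version_text!r}")
    hits = []
    for advisory, fixed in FIXED_IN.items():
        minimum = fixed.get(platform.lower())
        # Tuples compare numerically per component, so .9 sorts before .83.
        if minimum and installed < parse_version(minimum):
            hits.append(advisory)
    return hits

def audit(inventory):
    """Map host -> open advisories, or 'unknown' if the version is unreadable."""
    report = {}
    for host, platform, version_text in inventory:
        try:
            report[host] = affected_advisories(platform, version_text)
        except ValueError:
            report[host] = "unknown"
    return report

# Constructed sample inventory (hostnames and installed builds are made up).
SAMPLE = [
    ("ws-01", "windows", "Google Chrome 132.0.6834.83"),
    ("mb-02", "mac", "Google Chrome 136.0.7103.114"),
    ("lx-03", "linux", "Google Chrome 131.0.6778.264"),
    ("ws-04", "windows", "version string missing"),
]
```

Hosts reported as "unknown" should be treated as unpatched until their version can be read.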