More News : A serious cyber threat has emerged for Google Chrome users. The Indian Computer Emergency Response Team (CERT-In) has issued a high-risk advisory highlighting multiple security vulnerabilities affecting Chrome across different operating systems. The latest bulletin published on Friday categorizes these vulnerabilities as high-severity and warns that cyber attackers could exploit them to run arbitrary code remotely, putting system security at major risk.
According to cybersecurity experts, attackers can exploit these flaws to execute malicious code on affected systems without the user’s knowledge. CERT-In has advised all individuals and organizations using Google Chrome to immediately update their browser to the latest version.
The cybersecurity agency has identified two critical vulnerabilities in Google Chrome for Windows, macOS, and Linux, labeled CVE-2025-13223 and CVE-2025-13224. These flaws could compromise system integrity and disrupt essential services.
CERT-In explained that the vulnerability allows hackers to run arbitrary code remotely on unprotected systems. The issue stems from type confusion, where a part of the code attempts to access a resource using an incorrect data type—one that is not compatible with the actual object type.
The type confusion has been detected in Chrome’s V8 engine, which executes JavaScript and WebAssembly code. This flaw enables attackers to exploit heap corruption through a specially crafted HTML page.
Google confirmed that versions of Chrome prior to:
-
Windows: 142.0.7444.175/.176
-
macOS: 142.0.7444.176
-
Linux: 142.0.7444.175
are affected by these vulnerabilities. Users are strongly advised to update Chrome to version 142.0.7444.175/.176 immediately.
The update can be checked by navigating to Menu → Help → About Google Chrome.
