CERT-In issued a security alert warning Google Chrome users about a number of high-risk vulnerabilities impacting the browser on Windows, macOS, and Linux. The alert highlights serious vulnerabilities that might allow remote attackers to run malicious code or access sensitive data on the impacted systems. The vulnerabilities are present in Chrome versions previous to 142.0.7444.59/60.
The Indian Computer Emergency Response Team (CERT-In) released a high-risk advisory, CIVN-2025-0288, on October 30, highlighting severe vulnerabilities in Google Chrome for desktop users. Such vulnerabilities can be exploited by tricking users into accessing specially crafted websites, allowing remote attackers to compromise computers or steal sensitive data. The vulnerabilities impact Google Chrome versions before 142.0.7444.59 on Linux and 142.0.7444.59/60 on Windows and macOS.
CERT-In has rated the risk of detected vulnerabilities in Google Chrome as “High,” suggesting that their successful exploitation might result in arbitrary code execution, spoofing attacks, or potential system hacking.
Also Read: Lava Agni 4 India launch teased, to feature a metal body
Issues that have been found stem from a variety of components, including the V8 JavaScript engine and Extensions, and include type confusion, use-after-free issues, defects in object lifecycle management, and policy bypasses. These vulnerabilities might be used by attackers to run arbitrary code, get around security controls, or obtain unauthorised access through fictitious website visits.
Also Read: Canva introduced its new Creative Operating System, AI features and more
These vulnerabilities are listed under several CVE IDs, including CVE-2025-12429 through CVE-2025-12447. To mitigate these vulnerabilities, CERT-In advises that users update their Google Chrome browser to 142.0.7444.60 or higher. This may be accomplished by going to the browser’s menu and selecting Help > About Google Chrome, where updates will be instantly downloaded and applied.
