CERT-In flags high-risk security flaws in Google Chrome desktop browser

India’s cybersecurity agency has issued a high-severity alert about multiple flaws in Google Chrome that could allow attackers to execute malicious code, bypass security safeguards and access sensitive data on affected systems.

India’s national cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a security advisory warning users about several vulnerabilities affecting the desktop version of the Google Chrome web browser.

The advisory highlights that the flaws could allow cyber attackers to remotely execute malicious code, bypass browser security mechanisms and gain access to sensitive data stored on affected devices. CERT-In classified the issue as high severity, urging individuals and organisations to take immediate action.

According to the agency, the vulnerabilities stem from multiple technical issues within the browser, including improper handling of certain processes and memory-related errors. Some of the flaws are linked to Chrome’s media components, while others involve weaknesses in the browser’s JavaScript engine and developer tools environment.

Systems running older Chrome versions at risk

The advisory indicates that systems running outdated versions of Google Chrome are particularly vulnerable. Devices operating older releases on Windows, macOS and Linux platforms may be exposed to potential exploitation.

CERT-In noted that attackers could take advantage of these vulnerabilities by directing users to specially crafted malicious websites. If a user visits such a page, the browser could be manipulated to execute harmful commands or disclose confidential information stored on the system.

In some cases, successful exploitation could enable attackers to bypass security protections built into the browser. This could potentially lead to data theft, unauthorised system access or manipulation of stored information.

The warning applies to individual users as well as organisations that rely on Chrome for daily browsing and online operations.

Security update recommended

To mitigate the risk, CERT-In has advised users to install the latest version of Google Chrome released by Google. Updating the browser ensures that recently issued security patches are applied and the vulnerabilities are addressed.

Users can update Chrome through the browser’s settings menu by navigating to the “About Google Chrome” section, where the software automatically checks for available updates. Once the update is installed, restarting the browser completes the process.

CERT-In stressed that timely software updates are one of the most effective ways to protect systems from emerging cyber threats. The agency also encouraged organisations to adopt regular patch management practices to reduce the risk of security breaches.