CERT-In Alert: India’s cybersecurity watchdog warns of critical vulnerabilities in Google Chrome for Mac, Windows, and Linux users.
Vulnerability Details: Two flaws, CIVN-2025-0007 (critical) and CIVN-2025-0008 (high), affect Chrome versions before 132.0.6834.83/8r and 132.0.6834.110/111.
Risks Involved: Hackers can execute arbitrary code, cause system crashes, or bypass security restrictions, compromising sensitive data.
Technical Causes: Flaws include out-of-bounds memory access, improper navigation implementation, and insufficient data validation in extensions.
Attack Methods: Remote attackers exploit vulnerabilities by sending specially crafted requests or executing malicious webpages.
Affected Platforms: Desktop and laptop users on Windows, Mac, and Linux are at risk; smartphone users are less impacted.
ChromeOS Vulnerabilities: Chromebooks running versions before 16093.68.0 are also at risk due to spoofing and cross-site scripting flaws.
CERT-In’s Advice: Users must update Chrome and ChromeOS immediately to the latest versions to mitigate risks.
Preventive Measures: Enable automatic updates and regularly check for new patches to stay protected.
Stay Vigilant: Avoid clicking on unknown links or downloading unverified files to prevent exploitation of these vulnerabilities.