Millions of Google Chrome users across Windows and macOS have been alerted to a critical security flaw in the browser. The Indian Computer Emergency Response Team (CERT-In), India’s top cybersecurity body, issued this warning, classifying the vulnerability as “high severity.” The alert was published on May 10, 2025, and concerns multiple serious flaws in older Chrome versions.
The Indian Computer Emergency Response Team (CERT-In) has flagged several critical security vulnerabilities in Chrome that could be exploited by cybercriminals. These include:
Heap buffer overflow in HTML
Out-of-bounds memory access
Inappropriate implementation in DevTools
Insufficient data validation
“A remote attacker was spotted who could exploit these weaknesses by tricking users into visiting maliciously crafted websites. This could further allow the hackers to gain access to sensitive data or even control your device remotely.”
These vulnerabilities, if exploited, could allow attackers to run malicious code, access private information, or even gain control over a user’s device remotely.
The vulnerabilities affect Chrome users who are running outdated versions of the browser:
Linux: Versions prior to 136.0.7103.59
Windows/macOS: Versions before 136.0.7103.48/49
If your device is using Chrome below these versions, you are potentially at risk.
Google has already been notified and is in the process of releasing security patches. Users are strongly advised to update Chrome by following these simple steps:
Open Chrome
Click on the three-dot menu (top-right corner)
Navigate to Settings > About Chrome
Let Chrome search for updates
Click Update and restart the browser
“This is not just a routine update. With remote code execution vulnerabilities, cybercriminals can target both individuals and businesses. CERT-In’s high-severity alert underlines the urgent need to patch your browser.”
Here are five practical steps to enhance your Chrome security and stay safe online:
Updates often include critical security patches.
How to update: Settings > About Chrome.
Enable Chrome’s Safe Browsing to get alerts about harmful websites and downloads.
How to enable: Settings > Privacy and security > Security > Choose Enhanced protection.
Avoid password reuse. Chrome's Password Manager helps create and save strong passwords.
How to activate: Settings > Autofill > Password Manager.
Install extensions only from trusted sources. Too many or unknown extensions can open doors to cyber threats.
How to review: Visit chrome://extensions/ and remove anything suspicious.
Clear cookies, cache, and site data to avoid tracking scripts or hidden malware.
How to clear: Settings > Privacy and security > Clear browsing data.
Google Chrome users, especially those on older browser versions, face a significant risk due to recently disclosed vulnerabilities flagged by CERT-In. The high-severity alert outlines risks such as remote code execution and unauthorized data access. Google is actively addressing these issues with security patches, but users must act promptly by updating their browser.
Staying up to date not only closes these loopholes but also strengthens your overall online protection. Additionally, enabling Safe Browsing, using strong passwords, and managing extensions wisely can further reduce your exposure to threats. These proactive steps are crucial for both individuals and businesses that rely on Chrome for daily browsing.
As cyber threats become more sophisticated, maintaining browser hygiene becomes an essential part of digital safety. Users are urged to stay informed, follow best practices, and apply updates as soon as they're available. Security starts with awareness—and timely action is your best line of defense.