The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity security advisory for all users of Google Chrome on desktop platforms. According to the vulnerability note CIVN-2025-0130, multiple flaws have been discovered in specific versions of Chrome that could allow remote attackers to execute arbitrary code or launch denial-of-service (DoS) attacks on the system.
Who is affected?
The vulnerabilities impact Chrome versions before:
• 137.0.7151.119/.120 on Windows and macOS
• 137.0.7151.119 on Linux
All individuals and organisations using Chrome for desktop browsing are advised to treat this warning seriously.
What’s the risk?
CERT-In warns that the flaws could lead to:
Arbitrary code execution — allowing attackers to run malicious commands on your system.
Denial of Service (DoS) — freezing or crashing the browser and potentially destabilising the system.
Sensitive information leakage — risking data theft or exposure.
The vulnerabilities stem from an integer overflow issue in Chrome’s V8 engine, and a use-after-free bug in the Profiler component. These can be triggered by visiting a maliciously crafted webpage.
What you should do immediately
If you’re using Chrome, check your version and update immediately. Google has already issued patches to address these vulnerabilities in the latest stable release.
To update:
1. Open Chrome.
2. Go to the three-dot menu > Help > About Google Chrome.
3. Chrome will automatically check and install the update.
4. Restart your browser to apply changes.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
