Government issues warning for Mac and Windows Chrome browsers and Chromebooks, here's what you need to do

Chrome

India’s cybersecurity watchdog, CERT-In, has issued a critical warning for users of Google Chrome on Mac, Windows, and Chromebooks. The alert highlights multiple vulnerabilities in the browser and ChromeOS that could allow hackers to compromise sensitive data, execute arbitrary code, or cause system instability. Users are urged to immediately update their browsers and operating systems to mitigate these risks.

CERT-In has identified two major vulnerabilities—CIVN-2025-0007 and CIVN-2025-0008—affecting Google Chrome on Mac. These flaws, rated as critical and highly severe, impact Chrome versions before 132.0.6834.83/8r. Exploiting these vulnerabilities, attackers could execute arbitrary code, cause denial of service (DoS), or bypass security restrictions. The issues stem from out-of-bounds memory access, improper implementation in navigation, and insufficient data validation in extensions.

Windows users are equally at risk, with the same vulnerabilities affecting Chrome versions before 132.0.6834.110/111. Hackers can exploit these flaws by sending specially crafted requests, potentially leading to data exfiltration, system crashes, or unauthorised access to sensitive information. CERT-In emphasises that these vulnerabilities pose a significant threat to both individual users and organisations.

ChromeOS, the operating system powering Chromebooks, is also under threat. Versions prior to 16093.68.0 (browser version 132.0.6834.94) are vulnerable to spoofing, cross-site scripting, and remote code execution. These flaws arise from stack buffer overflow, integer overflow, and out-of-bounds memory access. A remote attacker could exploit these weaknesses by executing a malicious webpage, potentially gaining access to sensitive data or bypassing security controls.

The vulnerabilities primarily impact desktops, laptops, and Chromebooks running outdated versions of Chrome or ChromeOS. Smartphone users are less affected, but CERT-In advises all users to stay vigilant.

Ignoring these warnings could lead to severe consequences, including data breaches, system instability, and unauthorised access to sensitive information. Hackers are actively exploiting such vulnerabilities, making timely updates crucial.

To protect your devices, update Google Chrome and ChromeOS to the latest versions immediately. Visit the official Chrome Releases blog for detailed instructions. Regularly check for updates and enable automatic updates to ensure your system remains secure.