Google Chrome Security Flaws Could Grant Hackers Unauthorised System Access: CERT-In
Here's how you can stay safe from multiple security vulnerabilities affecting Google Chrome for Windows, Mac, and Linux computers.
Advertisement
Written by David Delima | Updated: 19 May 2025 18:09 IST
Highlights
Google Chrome for desktop was affected by multiple security flaws
Two flaws were detected by external researchers
Users who update to the latest stable version of Chrome are protected
The flaws affecting Google Chrome for Desktop have already been patched by Google
Photo Credit: Unsplash/ @firmbee
Multiple security vulnerabilities detected in Google Chrome for Desktop could put several users at risk, according to an advisory issued by the Indian Computer Emergency Response Team (CERT-In). Google has already patched the security flaws affecting its browser application. The nodal authority for cybersecurity in the country has advised all users and organisations using Google Chrome for Desktop across three platforms to update to the latest version of the browser in order to remain protected from these security flaws.
Hackers Could Persuade Victims to Visit Malicious Websites to Gain System Access
CERT-In provides details of the security flaws affecting Google Chrome in its vulnerability note CIVN-2025-0099 that was published on May 16. It has been assigned a "high" severity rating, by the government agency. The flaws affect Google Chrome for Windows, Mac, and Linux computers older than version prior to 136.0.7103.113 (and older than 136.0.7103.114 for Windows computers).
The description for the first security flaw (CVE-2025-4664) reveals that an "insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page." A description for the CVE-2025-4609 vulnerability reveals it was related to an "incorrect handle provided in unspecified circumstances in Mojo."
According to CERT-In, hackers could use these flaws to gain unauthorised access to a user's computer. In order to leverage these flaws, hackers would need to persuade users to visit a maliciously crafted website. Users running on the aforementioned versions of Chrome for Desktop would be vulnerable to hacking via these security flaws.
Google published a blog post on May 14, informing users that it had patched four security flaws affecting the browser, and credited two external researchers for discovering the security flaws in CERT-In's advisory.
CERT-In has advised end user organisations and individuals to update to the latest stable versions of Google Chrome, which contain patches for these security flaws. Users on Linux and Mac computers should update to version 136.0.7103.113, while Windows users will need to install the latest 136.0.7103.114 update.
Apple Must Allow Alternative Browser Engines on iOS by December Under Japan's New Mobile Software Competition Act8 August 2025
Search
![[Partner Content] OPPO Reno14 Series: Perfect Camera Phone for Creators Under Rs. 50,000](https://c.ndtvimg.com/2025-08/fvlllfc4_oppo-reno14-series_160x120_07_August_25.jpg?downsize=180:*)
![[Sponsored] A Day With Samsung Galaxy Watch8 Classic: A Personal Health Coach on Your Wrist!](https://c.ndtvimg.com/2025-07/gcrn4g7o_samsung-galaxy-_160x120_30_July_25.jpg?downsize=180:*)
