Google Chrome Security Flaws Could Grant Hackers Unauthorised System Access: CERT-In

Here's how you can stay safe from multiple security vulnerabilities affecting Google Chrome for Windows, Mac, and Linux computers.

Written by David Delima | Updated: 19 May 2025 18:09 IST

Highlights

Google Chrome for desktop was affected by multiple security flaws
Two flaws were detected by external researchers
Users who update to the latest stable version of Chrome are protected

Google Chrome Security Flaws Could Grant Hackers Unauthorised System Access: CERT-In

The flaws affecting Google Chrome for Desktop have already been patched by Google

Photo Credit: Unsplash/ @firmbee

Multiple security vulnerabilities detected in Google Chrome for Desktop could put several users at risk, according to an advisory issued by the Indian Computer Emergency Response Team (CERT-In). Google has already patched the security flaws affecting its browser application. The nodal authority for cybersecurity in the country has advised all users and organisations using Google Chrome for Desktop across three platforms to update to the latest version of the browser in order to remain protected from these security flaws.

Hackers Could Persuade Victims to Visit Malicious Websites to Gain System Access

CERT-In provides details of the security flaws affecting Google Chrome in its vulnerability note CIVN-2025-0099 that was published on May 16. It has been assigned a "high" severity rating, by the government agency. The flaws affect Google Chrome for Windows, Mac, and Linux computers older than version prior to 136.0.7103.113 (and older than 136.0.7103.114 for Windows computers).

The description for the first security flaw (CVE-2025-4664) reveals that an "insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page." A description for the CVE-2025-4609 vulnerability reveals it was related to an "incorrect handle provided in unspecified circumstances in Mojo."

CERT-In Says iOS and Android Devices Are Affected By These Security Flaws

According to CERT-In, hackers could use these flaws to gain unauthorised access to a user's computer. In order to leverage these flaws, hackers would need to persuade users to visit a maliciously crafted website. Users running on the aforementioned versions of Chrome for Desktop would be vulnerable to hacking via these security flaws.

Google published a blog post on May 14, informing users that it had patched four security flaws affecting the browser, and credited two external researchers for discovering the security flaws in CERT-In's advisory.

CERT-In has advised end user organisations and individuals to update to the latest stable versions of Google Chrome, which contain patches for these security flaws. Users on Linux and Mac computers should update to version 136.0.7103.113, while Windows users will need to install the latest 136.0.7103.114 update.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.