Home
Apps
Apps News
CERT In Warns Google Chrome Users of ‘High Risk’ Vulnerabilities on Windows, macOS, and Linux

CERT-In Warns Google Chrome Users of ‘High Risk’ Vulnerabilities on Windows, macOS, and Linux

The vulnerabilties may allow a remote attacker to execute arbitrary code on an unprotected computer.

Written by Shaurya Tomer, Edited by Ketan Pratap | Updated: 21 November 2025 15:21 IST

CERT-In Warns Google Chrome Users of ‘High Risk’ Vulnerabilities on Windows, macOS, and Linux

Photo Credit: Unsplash/Firmbee

Desktop Chrome users should update to the latest version that patches the flaws

Click Here to Add Gadgets360 As A Trusted Source

Highlights

Two vulnerabilities, CVE-2025-13223 and CVE-2025-13224, were flagged
The flaws may let attackers remotely run arbitrary code on systems
Chrome versions before 142.0.7444.175/176 are affected

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory regarding multiple vulnerabilities affecting Google Chrome on various operating systems. The latest bulletin, published on Friday, has flagged the discovered vulnerabilities as high risk. As per the cybersecurity firm, threat actors may potentially exploit the security flaws to remotely execute arbitrary code on the affected systems. All individual users and organisations using Google Chrome on Windows, macOS, and Linux have been advised to update to the latest version of the web browser.

CERT-In Issues Warning for Google Chrome Users

In the advisory note, CIVN-2025-0330, the cybersecurity agency highlighted two different vulnerabilities in Google Chrome for Windows, macOS, and Linux. These have been assigned the identifiers CVE-2025-13223 and CVE-2025-13224, and their severity has been declared as “high”. The vulnerabilities are claimed to have the potential to compromise the system and disrupt services.

As per the cybersecurity agency, the flaws may allow a remote attacker to execute arbitrary code on an unprotected computer. It occurs due to Type Confusion, a scenario where a piece of code attempts to access a resource using a data type that is incompatible with the object's actual type.

Researchers Claim to Uncover Billions of WhatsApp-Registered Phone Numbers

CERT-In said that the Type Confusion occurred in V8, which is the engine responsible for executing JavaScript and WebAssembly code within Chrome. It would allow the remote attacker to potentially exploit heap corruption via a crafted HTML page.

In a statement, Google clarified it was aware that an exploit for CVE-2025-13223 exists in the wild. Google Chrome versions prior to 142.0.7444. 175/.176 for Windows, 142.0.7444.176 for Mac, and 142.0.7444. 175 for Linux are impacted by the vulnerabilities.

The Mountain View-based tech giant said that it has updated the stable channel for all of the operating systems, and updates with the required fixes will be rolled out over the coming days and weeks.

To mitigate risks, CERT-In recommends updating Google Chrome to version 142.0.7444. 175/.176. Users can verify and install updates by navigating to the browser's menu and selecting Help > About Google Chrome. The update process will automatically download and apply the latest patches.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: CERT In, Google Chrome, Cybersecurity, Windows, macOS, Linux

Shaurya Tomer

Email Shaurya Tomer

Shaurya Tomer is a Sub Editor at Gadgets 360 with 2 years of experience across a diverse spectrum of topics. With a particular focus on smartphones, gadgets and the ever-evolving landscape of artificial intelligence (AI), he often likes to explore the industry's intricacies and innovations – whether dissecting the latest smartphone release or exploring the ethical implications of AI advancements. In his free time, he often embarks on impromptu road trips to unwind, recharge, and ...More