The Indian Computer Emergency Response Team (CERT-In), the government’s nodal cybersecurity agency, has issued a high-severity advisory warning users about multiple security flaws detected in Google Chrome.
According to the advisory issued on May 16, the vulnerabilities could allow a remote attacker to execute arbitrary code on targeted systems. The affected Chrome versions include those prior to 136.0.7103.113/.114 for Windows and Mac, and versions prior to 136.0.7103.113 for Linux.
CERT-In noted that some of the flaws are already being actively exploited by threat actors. These vulnerabilities can be triggered by simply convincing a user to visit a specially crafted web page, potentially giving attackers remote access to sensitive data and control over the system.
All users running Google Chrome on Windows, macOS, or Linux are considered potential targets. The agency has strongly advised all individuals and organisations to urgently apply the necessary updates and security patches.
To stay protected, users should update their browser to the latest version. Google released an update on May 14 that includes four security fixes addressing the reported vulnerabilities.
To check your Chrome version and update it:
– Open Google Chrome on your computer
– Click the three-dot menu in the top-right corner
– Go to Help > About Google Chrome
– If an update is available, Chrome will automatically download it
– Restart the browser to apply the update