The Indian Computer Emergency Response Team (CERT-In) has issued a high-priority security advisory urging all users to immediately update their Google Chrome and Microsoft Edge browsers. The warning comes after the discovery of serious vulnerabilities that allow hackers to gain remote access and execute arbitrary code on affected devices.
According to CERT-In’s latest report (CIVN-2025-0258 and CIVN-2025-0256), older versions of Google Chrome for Desktop—below version 141.0.7390.107/.108 on Windows, Mac, and Linux—and Microsoft Edge Stable Channel 141.0.3537.71 or earlier are at high risk. These flaws could let cyber attackers run malicious code, launch denial-of-service (DoS) attacks, or compromise system integrity.
The main issues stem from vulnerabilities known as “Use after free in Safe Browsing” for Chrome and “Heap buffer overflow in Sync and Use after free in storage” for Edge. Exploiting these weaknesses, hackers can trick users into visiting a specially crafted website, giving them unauthorised access to sensitive system data or full device control.
While both Google and Microsoft are working on fixes, CERT-In has urged users to manually update their browsers to the latest versions to prevent data theft and system breaches. The advisory also warns that outdated versions could be exploited for remote code execution, potentially leading to financial and privacy losses.
Users can verify and update Chrome or Edge through their browser’s settings menu. It is also recommended to enable automatic updates for real-time protection against future vulnerabilities.
Cybersecurity experts highlight that timely updates remain one of the simplest yet most effective ways to stay safe online, especially as cyberattacks targeting browser-based vulnerabilities continue to rise globally.