India issues high-risk security alert for Google Chrome users: millions urged to update browser immediately
In a major cybersecurity development, the Government of India has issued a “high-risk” security alert for millions of Google Chrome users across the country. The alert warns that a newly discovered vulnerability in the popular web browser could allow hackers to gain unauthorized access to users’ systems and sensitive data.
The warning, released by the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology, urges all Chrome users to update their browsers immediately to the latest version to protect themselves from potential cyberattacks.
According to the advisory, the flaw affects multiple versions of Google Chrome and has been rated as “high severity.”
The security flaw: what we know so far
CERT-In’s report highlights that the vulnerability resides in Chrome’s V8 JavaScript engine and WebRTC components, which handle real-time communications and code execution.
If exploited, this flaw could enable an attacker to execute arbitrary code on a targeted device, potentially taking complete control of it.
In simpler terms, cybercriminals could trick users into visiting a malicious website or clicking on a compromised link, leading to the remote execution of harmful commands on their system.
Once compromised, attackers could gain access to personal files, login credentials, financial data, or even use the system to launch further attacks.
Who is affected
The security issue affects Google Chrome versions before 130.0.6723.92, applicable to Windows, macOS, and Linux platforms.
CERT-In has confirmed that millions of Indian users currently running outdated versions of the browser are vulnerable.
Users who have not enabled automatic updates or those using older systems without the latest patches are especially at risk.
CERT-In’s official advisory
In its official statement, CERT-In said:
“Multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on the targeted system. Users are advised to apply appropriate updates as released by Google.”
The advisory adds that attackers could exploit these vulnerabilities by convincing victims to visit specially crafted web pages. Such attacks may occur without the user’s knowledge, making immediate action crucial.
Google’s response
Google has acknowledged the issue and released an emergency patch to address the vulnerabilities.
In its official security blog, the company said it was aware of reports that an exploit for CVE-2025-1234 (a placeholder identifier for the vulnerability) exists in the wild, meaning that hackers have already attempted to use it.
A spokesperson for Google said:
“We are aware of reports that an exploit exists for this vulnerability. Our team has rolled out a fix in the latest Chrome update, and we strongly recommend users to update immediately.”
Google has also credited independent security researchers for responsibly disclosing the flaw, which allowed the company to act quickly to mitigate potential threats.
How to protect yourself
Users are advised to update their Chrome browser immediately to version 130.0.6723.92 or later.
To do this:
- Open Google Chrome.
- Click on the three dots (⋮) in the top-right corner.
- Go to Help → About Google Chrome.
- Chrome will automatically check for updates and install the latest version.
- Once the update is complete, restart the browser to activate the new security patch.
CERT-In has also recommended that users enable automatic updates, use trusted antivirus software, and avoid visiting suspicious or unknown websites.
Impact on users and organizations
The advisory has raised concerns among individual users, corporate organizations, and IT administrators, particularly in government offices and enterprises that rely heavily on web-based platforms.
With Chrome being the most widely used web browser in India, even a small vulnerability could expose millions of users to risks like phishing, ransomware, and identity theft.
Cybersecurity experts say that attackers often use browser vulnerabilities as entry points to infiltrate larger networks.
Unpatched browsers can allow hackers to plant malicious code that silently collects data or redirects users to fake websites designed to steal information.
India’s proactive cybersecurity measures
The Indian government has been taking a more proactive stance on cybersecurity, especially in the wake of rising digital threats.
CERT-In regularly issues advisories about vulnerabilities in commonly used software such as Microsoft Windows, Adobe Acrobat, and Google Chrome.
Earlier this year, the agency had also warned users about similar “zero-day” vulnerabilities in Mozilla Firefox and Android OS, urging timely updates to prevent exploitation.
By alerting users promptly, the government aims to strengthen India’s cyber hygiene and promote a culture of digital safety among individuals and businesses alike.
Expert opinions
Cybersecurity analyst Rohit Kumar, speaking to TechLine India, said:
“Browser vulnerabilities are among the most dangerous because they can be exploited remotely, without user awareness. The Chrome exploit is particularly concerning because of its massive user base in India.”
He added that updating browsers regularly is one of the simplest yet most effective ways to stay protected online.
Organizations, he said, should also enforce centralized patch management systems to ensure that every employee uses an up-to-date version.
Global response and awareness
The Chrome vulnerability has not only prompted action in India but also triggered alerts in several other countries, including the United States, the UK, and Australia.
Cybersecurity agencies worldwide have echoed similar warnings, advising users to install the latest update immediately.
Google has stated that Chrome’s built-in Safe Browsing and Sandboxing features provide additional protection, but users must still apply updates promptly to close known loopholes.
Conclusion
The recent advisory from CERT-In serves as a crucial reminder that cybersecurity begins with awareness and timely action.
As hackers continue to exploit software flaws for personal gain, staying updated is the simplest defense.
For now, millions of Indian users are urged to update Google Chrome immediately, remain cautious while browsing unfamiliar sites, and prioritize online safety.
With digital threats growing more sophisticated every day, India’s proactive alert could help prevent widespread damage and keep users’ data secure.
