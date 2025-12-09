The Ministry of Electronics and Information Technology (MeitY), through the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity security alert for users of Google Chrome across Windows, Mac, and Linux devices. The warning follows the discovery of multiple vulnerabilities in browser versions prior to 143.0.7499.40.

According to the security note published on December 8, 2025, the flaws could allow a remote attacker to execute arbitrary code, access sensitive information, or bypass security restrictions on affected systems.

CERT-In attributes the vulnerabilities to weaknesses including:

Type confusion and race conditions in the V8 engine (Chrome’s JavaScript and WebAssembly engine).

Inappropriate implementations in components such as WebRTC, DevTools, and Split View.

Use-after-free flaws in the Digital Credentials and Media Stream modules, which are memory corruption issues.

Successful exploitation of these weaknesses can be achieved simply by persuading a user to open a specially crafted webpage. The potential impact is severe, including privilege escalation, unauthorized access to sensitive data, data theft, and broader compromise of the user's operating system.

The security warning applies to:

Google Chrome versions earlier than 143.0.7499.40/41 for Windows and macOS.

Google Chrome versions earlier than 143.0.7499.40 for Linux.

Google has already released a patch for these flaws in the latest update. CERT-In strongly recommends that all affected users update Chrome immediately by navigating to Settings → Help → About Google Chrome.

First Published on Dec 9, 2025 4:20 PM