CERT-In alert: Google Chrome Desktop users must update to block remote attacker threats

The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity alert regarding multiple vulnerabilities in Google Chrome for Desktop, warning users that these flaws could allow remote attackers to execute arbitrary code on affected systems.

In a vulnerability note issued on May 16, CERT-In said that the issues affect Google Chrome versions prior to 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux.

The agency has advised all users and organisations using Chrome on desktop platforms to urgently apply the latest updates.

"Multiple vulnerabilities have been reported in Google Chrome which could allow a remote attacker to execute arbitrary code on the targeted system," the agency said, adding that the threat could also result in sensitive information disclosure or system instability.

The vulnerabilities arise from insufficient policy enforcement in Chrome’s Loader and improper handling in certain circumstances in Mojo, a component of the browser.

"A remote attacker could exploit these vulnerabilities by persuading a victim to visit a specially crafted web page,” CERT-In warned.

The most critical flaw, tracked as CVE-2025-4664, is already being actively exploited in the wild, it added.

The Chrome development team rolled out a stable channel update on May 14 to address these issues, including four security fixes.

The fix for CVE-2025-4664 was highlighted as a high-severity issue disclosed via a social media post by X user @slonser_ earlier this month.

Another high-severity vulnerability, CVE-2025-4609, was reported by a researcher identified as Micky on April 22. Both issues have been resolved in the latest Chrome versions.

Google noted that access to detailed information about the bugs would remain restricted until a majority of users have updated their browsers, to prevent further exploitation.

CERT-In has urged users to ensure they are using Chrome version 136.0.7103.113 or later to safeguard their systems against potential attacks.

Google Chrome is one of the most widely used web browsers globally, particularly on desktop platforms including Windows, macOS, and Linux.