The Indian Computer Emergency Response Team (CERT-In) has issued an urgent security advisory directing Google Chrome users across all platforms to update their browsers immediately.
The vulnerability note published on October 8, 2025, identifies multiple critical security flaws affecting Chrome for Windows, macOS, and Linux that could enable remote attackers to compromise systems through maliciously crafted websites.
High-Risk Vulnerabilities Threaten Millions of Users
The CERT-In advisory classifies these security gaps as “high risk,” warning that exploitation could lead to severe consequences for both individual users and organizations.
The identified vulnerabilities—CVE-2025-11211, CVE-2025-11458, and CVE-2025-11460—enable attackers to execute arbitrary code remotely on vulnerable systems when users visit compromised websites.
Additionally, threat actors could trigger denial-of-service (DoS) conditions, potentially rendering systems inoperable, or gain unauthorized access to sensitive information stored on affected computers.
All Google Chrome versions prior to 141.0.7390.65/.66 for Windows and Mac, and versions prior to 141.0.7390.65 for Linux are susceptible to these exploits.
The nodal cybersecurity agency emphasizes that these vulnerabilities pose significant risks to data integrity, system availability, and user privacy, making immediate remediation critical.
Immediate Action Required
CERT-In has issued explicit recommendations for all Chrome users to update their browsers to the latest versions without delay.
Windows and macOS users must upgrade to version 141.0.7390.65 or 141.0.7390.66, while Linux users should install version 141.0.7390.65.
The advisory stresses that updating to these patched versions is essential to mitigate the attack surface and reduce exploitation risks.
Users can verify their browser’s update status by navigating to the three-dot menu in the top-right corner, selecting Help, then About Google Chrome.
The browser will automatically check for available updates and download the latest version. After installation completes, users must restart Chrome to apply the security patches effectively.
While Chrome typically updates automatically when configured correctly, CERT-In recommends manual verification to ensure protection is in place.
Organizations are particularly urged to implement these updates across their infrastructure immediately, as enterprise environments present attractive targets for exploitation of such vulnerabilities.
The advisory underscores that timely patch management remains a fundamental cybersecurity practice in defending against evolving threats targeting widely deployed software like Google Chrome.
