CERT-In has issued a security alert for Google Chrome users, urging immediate updates for Windows, macOS, and Linux due to severe vulnerabilities identified as CVE-2025-13223 and CVE-2025-13224.
The Indian Computer Emergency Response Team (CERT-In) has issued a fresh security alert for Google Chrome users, advising immediate updates across Windows, macOS, and Linux. The warning comes after multiple high-risk vulnerabilities were discovered in the browser, raising concerns about potential remote attacks. If you rely on Chrome for your daily browsing, work or banking, this is one alert you shouldn’t ignore. Here’s everything you need to know about the newly flagged threat and what action you should take.
What CERT-In Has Identified
In its latest advisory, tagged CIVN-2025-0330, CERT-In highlighted two major security flaws in Chrome. These vulnerabilities, identified as CVE-2025-13223 and CVE-2025-13224, have been classified as “high severity,” meaning attackers could use them to compromise a system remotely.
The root of the problem lies in a Type Confusion error inside Chrome’s V8 engine. This engine is responsible for processing JavaScript and WebAssembly, both essential parts of how modern websites function. When Type Confusion occurs, the browser may attempt to access memory in an unsafe way, which can open the door for malicious code execution. As CERT-In explains, this could allow attackers to run harmful programs on your computer simply by directing you to a specially crafted webpage.
The root of the problem lies in a Type Confusion error inside Chrome’s V8 engine. This engine is responsible for processing JavaScript and WebAssembly, both essential parts of how modern websites function. When Type Confusion occurs, the browser may attempt to access memory in an unsafe way, which can open the door for malicious code execution. As CERT-In explains, this could allow attackers to run harmful programs on your computer simply by directing you to a specially crafted webpage.
What Google Has Said
Google confirmed that one of the vulnerabilities, CVE-2025-13223, is already being exploited “in the wild.” That means hackers have found a working method to take advantage of the flaw before many users have updated their browsers.
The company stated that Chrome versions prior to 142.0.7444.175/.176 on Windows, 142.0.7444.176 on macOS, and 142.0.7444.175 on Linux are affected. Google has already pushed out patched updates to the stable channel, and they will continue rolling out globally over the coming days.
What Users Should Do Now
If you’re using Google Chrome, CERT-In has made one thing clear: updating immediately is the best way to stay protected. You can check your browser version by going to Help > About Google Chrome in the settings menu. Chrome will automatically start downloading the latest updates, and a restart will apply the fix.
