Government warns Chrome users of critical security flaw

NEW DELHI: The Indian Computer Emergency Response Team (Cert-In) has issued a high-severity warning for Google Chrome users. A critical flaw in the browser could let attackers take control of your computer just by visiting a website.

The vulnerability, tracked as CVE-2026-2441, is a “Use-After-Free” issue in Chrome’s CSS component. This part of the browser handles how websites look, including fonts, colours, and layouts. A small memory error here could allow hackers to run malicious code on your device.

Windows and Mac users with Chrome versions earlier than 144.0.7559.109 or .110 are at risk. Linux users running versions before 144.0.7559.109 are also vulnerable. Google has released updated versions, Windows and Mac users should update to 145.0.7632.75 or .76, and Linux users to 144.0.7559.75.

The risk is serious because attackers do not need any attachments or extra downloads, simply visiting a malicious webpage is enough. Exploiting this flaw could lead to stolen data, compromised systems, or service disruption.

To stay safe, users should immediately check their Chrome version and update manually. Open Chrome, go to Settings, About Chrome, and ensure the latest update is applied. Relying solely on automatic updates may leave you exposed.

Given how easy this flaw is to exploit, Cert-In warns that everyone using Chrome should act without delay.