Google Chrome and Firefox Users At Risk: Indian Cyber Agency Issues Urgent Alert

The Indian Computer Emergency Response Team (CERT-In) has issued a ‘high’ severity warning for users of Google Chrome and Mozilla Firefox on desktop systems, urging immediate action to patch critical security vulnerabilities.

Google Chrome Vulnerabilities

According to CERT-In, multiple vulnerabilities have been detected in Google Chrome, which could allow a remote attacker to execute arbitrary code or cause a Denial of Service (DoS), potentially leading to crashes or system instability.

For Linux users, Google Chrome versions earlier than 137.0.7151.55 are affected. For Windows and macOS users, versions earlier than 137.0.7151.55 or 137.0.7151.56 are impacted.

CERT-In warns that organizations and individuals who have not updated to the latest version are at risk of exploitation. Attackers could target these vulnerabilities to trigger unexpected behaviour, system crashes, or arbitrary code execution.

Users should immediately update Chrome to version 137.0.7151.55/56, which contains the official security fixes.

To update Chrome: Go to Settings > Help > About Google Chrome
The browser will automatically check for and install the latest update.

Mozilla Firefox and Thunderbird Vulnerabilities

CERT-In has also flagged multiple critical vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird, which may allow attackers to execute arbitrary code, cause memory corruption, access sensitive data, launch clickjacking and content injection attacks

The affected Mozilla Versions include Firefox prior to 139, Firefox ESR Versions prior to 128.11 and Thunderbird Versions prior to 139.

These vulnerabilities make end-user organizations and individual users potential targets if they fail to update their browsers promptly.

Users of Mozilla products are advised to update to the latest stable versions immediately through the built-in update functionality.

To ensure your system is protected against known exploits, always keep your software and browsers updated. CERT-In continues to monitor and respond to cybersecurity threats and advises regular patching and user awareness as the first line of defense.