The national cybersecurity agency of India, CERT- In (Computer Emergency Response Team – India), has issued a high severity warning to users of both Google Chrome and Mozilla Firefox. The advisory cites multiple critical security vulnerabilities existing across platforms-Windows, macOS and Linux-vulnerabilities that allow attackers to access sensitive information, execute malicious commands or infect with malware. In an age where browsers rate high on the list of attack vectors, this warning slaps the stern reminder your browser should be updated.
Google Chrome Critical Flaw
The advisory highlights extremely dangerous vulnerabilities in Chrome versions before 141.0.7390.54/55 available on various operating systems. The CVE-2025-11205 and CVE-2025-11206, two bugs classified as severe are from a heap buffer overflow in Chrome’s WebGPU and video components.
The consequence is remote code execution or crashing the browser is compounded by side-channel leaks and memory mismanagement in other components such as Media, Storage and Tab systems. Google has confirmed that the researcher who submitted the WebGPU flaw was given a bounty of $25,000.
ALSO READ: Who Is Rahul Patil? Anthropic Appoints New CTO to Accelerate AI Innovation
Firefox Users Face Sandbox & JavaScript Engine Flaws
Firefox versions before 143.0.3 were flagged under advisory CIVN-2025-0237 and the most dangerous flaw, CVE-2025-11152, allows attackers to break out of Firefox’s sandbox through an integer overflow in the Canvas2D engine thus elevating privileges.
Another serious bug afflicting the JS Just-In-Time (JIT) compiler, CVE-2025-11153, allows remote code execution on malign web pages with these vulnerabilities have since been patched by Mozilla in release 143.0.3.
CERT-In Urges Users to Update Immediately
High severity is the label on the alerts, suggesting serious risk if left unattended CERT-In now warns that an attacker could exploit these vulnerabilities by merely tricking users into visiting a maliciously crafted web page.
- In Chrome: Go to Settings > Help > About Google Chrome
- In Firefox: Go to Menu > Help > About Firefox
ALSO READ: What is a Quasi-Moon & Why is 2023 FW13 Silently Orbiting Earth?
Browser Security Patch
In Chrome, patching was done for more than 20 security issues starting from version 141 and with the high-risk vulnerabilities recently discovered have been patched in the 143.0.3 update for Firefox. According to cybersecurity analysts, these browser-based vulnerabilities have become top contenders for the kinds of attacks perpetrators are using against their personal or institutional data and leaving them unpatched is like leaving open the front door.
Differentiation between Google Chrome & Firefox?
While both browsers were coping with grave flaws and their threat profiles differ somewhat:
- Chrome’s problems center around GPU, media and rendering subsystem overflow and side channel risks.
- Firefox’s problems are more at the core of browser security and involve sandbox escapes and vulnerabilities in the JavaScript engine proper.
Another major distinction is the user base for Chrome is larger, so greater scope of risk but breaches, because of Firefox’s architectural focus on sandboxing, can become more damaging ones if they happen.
ALSO READ: Who is Aravind Srinivas: India’s Youngest Billionaire with Rs. 21,190 Crore Net Worth in 2025
Disclaimer: This article is for informational purposes only. Users are advised to verify all technical updates with official browser documentation or CERT-In sources.
