The security warning emerges because cybercriminals now take advantage of software vulnerabilities, and CERT-In confirms that critical issues exist in popular devices. Users who operate with Android versions that are not up-to-date along with using older Chrome browser builds face the highest risks. The agency declared an emergency after warning users to perform immediate software updates because this would block harmful actor intrusion.

The Indian government issued warning alerts about crucial security vulnerabilities that threaten Android and Google Chrome users with data breaches, system takeovers and remote code execution possibilities. The Indian Computer Emergency Response Team (CERT-In) at the Ministry of Electronics and Information Technology released a high-severity advisory about these issues while advising immediate action for individuals along with organisations.

Android users at high risk: Vulnerabilities in core components

All devices running Android versions older than the most recent release fall into the affected category, which includes smartphones and tablets together with smartwatches. The agency warns all users, together with OEMs, to perform Android 13 or above updates as soon as possible. Devices that do not receive updates become vulnerable to major cyber attacks.

The Android operating system versions lower than Android 13, 14 and 15 face serious vulnerabilities which CERT-In recently identified. The identified flaws enable unauthorised hackers to steal user data and execute denial-of-service attacks while attaining unauthorised system entry. The Framework, System, Google Play system updates, and Kernel components in Android operate as the source for all identified vulnerabilities which lead to security risks. Proprietary aspects embedded in Android systems from companies including Qualcomm, along with MediaTek and Imagination Technologies, are included in the vulnerabilities.

Chrome flaw could allow remote code execution

The advisory issued by CERT-In points out a critical issue that exists in the Google Chrome browser which runs on desktop systems. Google Chrome versions between 135.0.7049.84 and earlier, including 135.0.7049.85, encounter the “use-after-free” vulnerability on Linux, Windows and macOS platforms. The Chrome Site Isolation component contains a fault which attackers can trigger through deceptive website visits.

CERT-In classifies these threats as high-priority events that need urgent response. The vulnerability follows successful triggering by attackers, which provides them the ability to execute code at will and sometimes brings system control to them. All Chrome users need to upgrade to the latest version through Google’s official update channels because this critical flaw remains unresolved.

Swift action by individuals, together with organisations, decreases the probability of succumbing to recently detected cyber threats.

Read More:

CMF Phone 2 Pro to launch on April 28—Triple camera