A high-severity Use After Free vulnerability has been discovered in ANGLE, a core graphics component used by Google Chrome and other Google products. A remote attacker could exploit this flaw by tricking a user into visiting a specially crafted webpage, potentially allowing the attacker to execute arbitrary code on the user's system and gain control, or cause the application to crash.

This vulnerability is a "Use After Free" condition within ANGLE (Almost Native Graphics Layer Engine), the component Chrome uses to translate WebGL (Web Graphics Library) calls into native graphics API calls. An attacker can create a malicious webpage with specific WebGL content that causes the browser to incorrectly manage memory. When the program attempts to access a memory location that has already been deallocated (freed), the attacker can manipulate this memory access to corrupt data, trigger a denial-of-service by crashing the browser, or execute arbitrary code with the privileges of the browser process.

This vulnerability is rated as High severity with a CVSS score of 8.8. Successful exploitation could lead to a complete compromise of the affected user's workstation. Potential consequences include the theft of sensitive data (such as login credentials, financial information, or proprietary documents), the installation of persistent malware like ransomware or spyware, or using the compromised machine as a pivot point to attack the internal corporate network. A widespread failure to patch could expose the organization to significant data breaches, financial loss, and reputational damage.

Immediate Action: Apply vendor security updates immediately across all affected systems. Google has released Chrome version 139 to address this vulnerability. Ensure all endpoints are updated through automated patch management systems or manual intervention. Following patching, monitor for any signs of exploitation attempts and review relevant system and network access logs for anomalous activity.

Proactive Monitoring: Security teams should monitor for indicators of compromise, including:

• Endpoint Detection and Response (EDR) alerts for suspicious child processes being spawned by browser processes (e.g., chrome.exe launching powershell.exe).
• Unusual network traffic originating from workstations to unknown or malicious IP addresses.
• Reviewing browser crash logs for patterns that may indicate exploitation attempts.

Compensating Controls: If immediate patching is not feasible, the following temporary controls can help mitigate risk:

• Implement web filtering to block access to untrusted or uncategorized websites.
• Deploy script-blocking browser extensions to prevent the execution of potentially malicious WebGL content.
• Ensure endpoint security solutions (Antivirus, EDR) are fully updated with the latest signatures and behavioral detection capabilities.
• Consider disabling WebGL through browser policy if it is not essential for business operations.

Public Exploit Available: false

Given the high CVSS score of 8.8 and the potential for remote code execution, this vulnerability poses a significant risk to the organization. We strongly recommend that all Chrome installations on corporate endpoints be updated to version 139 or later with the highest priority. Although this CVE is not currently listed on the CISA KEV catalog, vulnerabilities of this nature in major web browsers are frequently added once exploited in the wild. Organizations should treat this vulnerability with urgency and ensure patches are deployed comprehensively and without delay.