CVE-2026-10896
Google · Chrome
A Use-After-Free vulnerability exists in the Chrome for iOS application, potentially allowing for arbitrary code execution.
Executive summary
A critical Use-After-Free vulnerability in Chrome for iOS poses a significant risk of remote code execution.
Vulnerability
This vulnerability is a memory corruption flaw (Use-After-Free) specific to the Chrome browser application on the iOS platform. An unauthenticated attacker can exploit this by directing a user to a malicious webpage, leading to unauthorized code execution.
Business impact
With a CVSS score of 8.8, this vulnerability poses a high risk to mobile device security within the enterprise. Successful exploitation could lead to the exposure of personal or corporate data stored on the mobile device and potentially grant an attacker a foothold into the mobile ecosystem.
Remediation
Immediate Action: Update the Google Chrome application on all iOS devices to version 149 or later via the Apple App Store.
Proactive Monitoring: Use Mobile Device Management (MDM) solutions to track and enforce compliance with the latest application versions.
Compensating Controls: Ensure iOS system updates are current to utilize the latest underlying OS security features, which provide additional layers of defense against application-level exploits.
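The version tracking described under Proactive Monitoring can be automated against an MDM installed-apps export. The following is an added example, not part of the original advisory or any vendor tooling. The CSV column names, the sample rows and their version strings are constructed, and the bundle identifier com.google.chrome.ios is an assumption to confirm against your own inventory.

```python
import csv
import io

MIN_MAJOR = 149  # fixed version stated in the advisory
CHROME_IOS_BUNDLE_ID = "com.google.chrome.ios"  # assumption: verify in your MDM inventory

# Constructed sample of an MDM installed-apps export (column names are hypothetical).
SAMPLE_EXPORT = """device_id,bundle_id,app_version
ipad-001,com.google.chrome.ios,149.0.1.2
iphone-002,com.google.chrome.ios,148.9.9.9
iphone-003,com.apple.mobilesafari,18.0
iphone-004,com.google.chrome.ios,
ipad-005,com.google.chrome.ios,150.0.0.1
iphone-006,COM.GOOGLE.CHROME.IOS,v147
"""

def major_version(version):
    """Return the leading integer of a dotted version string, or None if unparseable."""
    head = (version or "").strip().split(".", 1)[0]
    return int(head) if head.isascii() and head.isdigit() else None

def classify(export_text, min_major=MIN_MAJOR):
    """Map each device with Chrome for iOS to 'compliant', 'outdated' or 'unknown'."""
    status = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        if (row.get("bundle_id") or "").strip().lower() != CHROME_IOS_BUNDLE_ID:
            continue  # other apps are out of scope for this advisory
        major = major_version(row.get("app_version"))
        if major is None:
            status[row["device_id"]] = "unknown"  # needs follow-up; never assume safe
        elif major >= min_major:
            status[row["device_id"]] = "compliant"
        else:
            status[row["device_id"]] = "outdated"
    return status

def needs_action(export_text):
    """Devices to remediate: outdated plus those whose version could not be read."""
    return sorted(d for d, s in classify(export_text).items() if s != "compliant")

if __name__ == "__main__":
    for device, state in classify(SAMPLE_EXPORT).items():
        print(f"{device}: {state}")
    print("needs action:", ", ".join(needs_action(SAMPLE_EXPORT)))
```

Devices with a blank or malformed version are reported as unknown and included in the action list, so a gap in inventory data does not read as compliance.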
Exploitation status
Public Exploit Available: false
Analyst recommendation
Mobile security is critical, and users should ensure their iOS browsers are updated promptly. Administrators should utilize MDM policies to mandate the update to version 149 or later, effectively mitigating the risk of memory corruption and potential device compromise.