CVE-2026-10951

Google · Chrome on iOS

A use-after-free vulnerability in the Autofill component of Google Chrome on iOS prior to version 149 could lead to memory corruption and potential code execution.

Executive summary

A high-severity use-after-free vulnerability in the Google Chrome on iOS Autofill component presents a significant risk of arbitrary code execution.

Vulnerability

This flaw is a use-after-free vulnerability located within the Autofill feature of Chrome on iOS. If successfully exploited, it could cause memory corruption, which may allow an attacker to execute arbitrary code in the context of the application.

Business impact

With a CVSS score of 8.8, this vulnerability poses a serious threat to iOS users within the enterprise. The Autofill feature is frequently used to store sensitive information; exploitation could result in the compromise of credentials or personal information, undermining the security posture of the device and the data it accesses.

Remediation

Immediate Action: Update Google Chrome on all iOS devices to version 149 or the latest available version via the App Store.

Proactive Monitoring: Ensure that mobile device management (MDM) policies are in place to track application versions and alert on non-compliant iOS devices.

Compensating Controls: Restrict the use of browser-based autofill for highly sensitive corporate credentials, favoring dedicated, secure password management solutions.
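
The "Proactive Monitoring" step above can be scripted against an MDM app-inventory export. The following is an added example, not part of the original advisory or any vendor tooling: it flags iOS devices whose installed Chrome is below major version 149. The CSV column names and the sample rows are constructed assumptions; adapt them to the export format of the MDM in use.

```python
import csv
import io

CHROME_IOS_BUNDLE_ID = "com.google.chrome.ios"  # bundle identifier of Chrome on iOS
FIXED_MAJOR = 149  # first fixed major version per the advisory

# Constructed sample of an MDM app-inventory export (column names are assumptions).
SAMPLE_INVENTORY = """device_id,os,bundle_id,app_version
ipad-001,iOS,com.google.chrome.ios,149.0.7000.10
iphone-002,iOS,com.google.chrome.ios,148.0.6999.95
iphone-003,iOS,com.apple.mobilesafari,18.4
iphone-004,iOS,com.google.chrome.ios,
pixel-005,Android,com.android.chrome,140.0.1.2
iphone-006,iOS,com.google.chrome.ios,beta-build
"""


def major_version(version):
    """Return the leading integer of a dotted version string, or None if unparseable."""
    head = version.strip().split(".", 1)[0]
    return int(head) if head.isascii() and head.isdigit() else None


def find_noncompliant(inventory_csv, fixed_major=FIXED_MAJOR):
    """Return sorted (device_id, reason) pairs for iOS devices with Chrome below fixed_major."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["os"].strip().lower() != "ios":
            continue  # the advisory covers Chrome on iOS only
        if row["bundle_id"].strip() != CHROME_IOS_BUNDLE_ID:
            continue
        version = row["app_version"] or ""
        major = major_version(version)
        if major is None:
            # Missing or malformed version: flag it for follow-up instead of passing it.
            findings.append((row["device_id"], "unknown version"))
        elif major < fixed_major:
            findings.append((row["device_id"], f"Chrome {version} < {fixed_major}"))
    return sorted(findings)


if __name__ == "__main__":
    for device, reason in find_noncompliant(SAMPLE_INVENTORY):
        print(f"ALERT {device}: {reason}")
```

Devices with a missing or unparseable version are reported rather than skipped, so gaps in inventory data do not hide unpatched installs.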

Exploitation status

Public Exploit Available: false

Analyst recommendation

Promptly update Google Chrome on all iOS devices to version 149 to address this Autofill-related security risk. IT teams should ensure that all mobile assets are kept current to prevent exploitation of browser-based memory vulnerabilities.