CVE-2026-11055

Google · Chrome

A use-after-free vulnerability in the ANGLE graphics engine of Google Chrome on Windows allows for potential remote code execution.

Executive summary

A critical use-after-free vulnerability in the Google Chrome ANGLE component on Windows platforms exposes systems to arbitrary code execution.

Vulnerability

The vulnerability involves a use-after-free condition in the ANGLE graphics abstraction layer. An unauthenticated attacker can trigger this vulnerability by enticing a user to navigate to a malicious site.

Business impact

The CVSS score of 8.8 highlights the high risk associated with this flaw. Compromise of the browser on Windows platforms often leads to the execution of arbitrary code with the privileges of the logged-in user, potentially impacting local data and system integrity.

Remediation

Immediate Action: Apply the vendor-supplied update so that Chrome is at version 149 or higher on all Windows systems.

Proactive Monitoring: Monitor for suspicious graphics driver or browser process behavior that could indicate memory corruption attempts.

Compensating Controls: Implement robust EDR solutions on Windows endpoints to detect and block malicious payloads delivered via the browser.
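
To confirm the Immediate Action on an individual endpoint, the PowerShell script below reports every Chrome install it finds and whether its major version meets the 149 threshold. It is an added example, not vendor tooling. It assumes Chrome's default install directories and user profiles under `%SystemDrive%\Users`, and the function name `Get-ChromeInstallStatus` is hypothetical.

```powershell
# Added example: report Chrome installs on this Windows host below the fixed major version.
$FixedMajor = 149   # from the remediation text: "version 149 or higher"

# Assumed default install roots: per-machine (64-bit and 32-bit) plus per-user installs.
$roots = @(
    "$env:ProgramFiles\Google\Chrome\Application",
    "${env:ProgramFiles(x86)}\Google\Chrome\Application"
)
$roots += Get-ChildItem "$env:SystemDrive\Users" -Directory -ErrorAction SilentlyContinue |
    ForEach-Object { Join-Path $_.FullName 'AppData\Local\Google\Chrome\Application' }

function Get-ChromeInstallStatus {
    param(
        [string[]]$Roots,
        [int]$FixedMajor
    )
    foreach ($root in $Roots) {
        $exe = Join-Path $root 'chrome.exe'
        if (-not (Test-Path -LiteralPath $exe)) { continue }

        # The version resource embedded in chrome.exe carries the installed build number.
        $raw    = (Get-Item -LiteralPath $exe).VersionInfo.ProductVersion
        $ver    = $null
        $parsed = [version]::TryParse($raw, [ref]$ver)

        [pscustomobject]@{
            Computer       = $env:COMPUTERNAME
            Path           = $exe
            Version        = $raw
            # An unparseable version is treated as unpatched so it gets reviewed.
            Patched        = ($parsed -and $ver.Major -ge $FixedMajor)
            # new_chrome.exe beside chrome.exe means an update is staged
            # and takes effect only after the browser is relaunched.
            RestartPending = (Test-Path -LiteralPath (Join-Path $root 'new_chrome.exe'))
        }
    }
}

$results = @(Get-ChromeInstallStatus -Roots $roots -FixedMajor $FixedMajor)
$results | Format-Table -AutoSize

# A non-zero exit code lets a management tool flag hosts that still need the update.
if ($results | Where-Object { -not $_.Patched }) { exit 1 } else { exit 0 }
```

Run it with rights to read other users' profile directories so that per-user installs are included. A host showing `RestartPending` has downloaded the update but is still running the old binary.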

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the platform-specific nature and the potential for remote code execution, organizations should prioritize patching all Windows-based Chrome installations immediately to mitigate the risk of exploitation.