CVE-2026-11307
Google · Chrome
A Use-After-Free vulnerability in the PDFium library within Google Chrome prior to version 149 could allow an attacker to execute arbitrary code.
Executive summary
A high-risk Use-After-Free vulnerability in Google Chrome's PDFium library poses a severe threat, requiring immediate patching to prevent potential remote code execution.
Vulnerability
This is a Use-After-Free vulnerability within the PDFium library, the PDF renderer built into Chrome. A remote attacker can exploit it by delivering a crafted PDF that the victim opens, or is navigated to, in the browser; the document triggers a use-after-free in PDFium, corrupting memory and potentially leading to code execution in the PDF rendering process. No authentication is required, but user interaction (opening the document) is.
Business impact
With a CVSS score of 8.8, the potential for business disruption is substantial. Successful exploitation yields code execution inside Chrome's PDF rendering process. Because that process runs within Chrome's sandbox, reaching the underlying host to access sensitive information or establish a persistent presence on the network would typically require chaining an additional sandbox-escape bug; even so, PDFs are a common delivery vector (email attachments, drive-by downloads), so the exposed population is broad.
Remediation
Immediate Action: Update all instances of Google Chrome to version 149 or later to address the vulnerability.
Proactive Monitoring: Monitor for Chrome crash reports and abnormal terminations of the PDF rendering process, and for unexpected child processes spawned by Chrome, as these can indicate exploitation attempts.
Compensating Controls: Harden endpoints (EDR, application control) and restrict users from opening PDFs from untrusted sources. Where patching is delayed, Chrome's enterprise policy AlwaysOpenPdfExternally can disable the built-in viewer, although this only moves rendering to another PDF application rather than removing the risk.
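The first remediation step is only verifiable if you can tell which endpoints still run a pre-149 build. The script below is an added example, not part of this advisory or of Chrome, that parses the output of `--version` and classifies an install against the fixed major version stated above (149). The binary names it probes and the version strings in the demo are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a Chrome/Chromium install
# against the fixed major version for CVE-2026-11307.
FIXED_MAJOR=149   # from the advisory: fixed in Chrome 149

# chrome_major VERSION_STRING -> major number, or empty if none found.
# Uses the first dotted-numeric token so trailing build tags that some
# packagers append after the version do not break the parse.
chrome_major() {
    printf '%s\n' "$1" | awk '{
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[0-9]+\.[0-9]+/) { split($i, v, "."); print v[1]; exit }
    }'
}

# patch_status VERSION_STRING -> "vulnerable" | "patched" | "unknown"
patch_status() {
    major=$(chrome_major "$1")
    case "$major" in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$major" -lt "$FIXED_MAJOR" ]; then
        echo vulnerable
    else
        echo patched
    fi
}

# check_installed: query binaries commonly found on PATH (assumed names) and
# print one tab-separated line per binary: name, reported version, status.
check_installed() {
    found=0
    for bin in google-chrome google-chrome-stable chromium chromium-browser; do
        if command -v "$bin" >/dev/null 2>&1; then
            found=1
            ver=$("$bin" --version 2>/dev/null || true)
            printf '%s\t%s\t%s\n' "$bin" "$ver" "$(patch_status "$ver")"
        fi
    done
    [ "$found" -eq 1 ] || echo "no Chrome/Chromium binary found on PATH"
}

if [ "${1:-}" = "--demo" ]; then
    # Constructed sample strings (not captured from any real host).
    for s in "Google Chrome 148.0.7200.55" "Google Chrome 149.0.7300.12" \
             "Chromium 150.0.0.1 unknown" "not a version"; do
        printf '%-32s %s\n' "$s" "$(patch_status "$s")"
    done
else
    check_installed
fi
```

Run it with `--demo` to see the three outcomes on the constructed strings, or without arguments on an endpoint to report what is actually installed. Feed the tab-separated output into your inventory tool; any line ending in `vulnerable` is an endpoint that still needs the update, and `unknown` means the version could not be parsed and should be inspected by hand.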
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high severity and the ease with which users can be targeted via malicious documents, organizations must prioritize this update. Ensure all endpoints are patched to version 149 or higher to mitigate this risk effectively.