A critical use-after-free vulnerability in the Google Chrome navigation stack enables sandbox escape, posing a severe threat to end-user device security.

This is a use-after-free vulnerability found in the Navigation component. An unauthenticated attacker can leverage this flaw through a crafted HTML page to perform a sandbox escape.

The CVSS score of 9.6 confirms this is a critical threat. By escaping the sandbox, an attacker can bypass the browser's primary security boundary, potentially gaining control over the host system, accessing sensitive files, or installing persistent malware.

Immediate Action: Update all instances of Google Chrome to version 149.0.7827.103 or later.

Proactive Monitoring: Monitor logs for suspicious navigation activity or unusual browser process behavior that might indicate an attempted sandbox escape.

Compensating Controls: Utilize endpoint security policies to restrict browser privileges and minimize the impact of a potential sandbox escape.

Public Exploit Available: N/A

The urgency of this vulnerability cannot be overstated. Organizations must enforce the update to version 149.0.7827.103 immediately to protect against remote exploitation and potential compromise of critical enterprise assets.