CVE-2026-7336
Google · Chrome
A use-after-free vulnerability exists within the WebRTC component of Google Chrome, potentially allowing for arbitrary code execution.
Executive summary
A critical use-after-free vulnerability in Google Chrome's WebRTC component poses a significant risk of remote code execution.
Vulnerability
This vulnerability is a use-after-free flaw located in the WebRTC engine. It can be triggered by an unauthenticated remote attacker via a specially crafted web page.
Business impact
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code within the context of the browser, potentially leading to unauthorized system access or data exfiltration. With a CVSS score of 8.8, this flaw represents a high-severity risk that could compromise the integrity and confidentiality of user workstations.
Remediation
Immediate Action: Update Google Chrome to version 147 or later, which fixes the flaw in the WebRTC component.
Proactive Monitoring: Review endpoint security logs for unusual browser process behavior or unexpected crashes that may indicate exploitation attempts.
Compensating Controls: Use browser-based security policies or enterprise-grade endpoint protection software to restrict malicious script execution.
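To confirm the update has reached every endpoint, the following added example (not part of the original advisory) classifies a fleet inventory of Chrome version strings against the fixed major version 147. The inventory format, host names and build numbers are constructed for illustration, and comparing on the major version only is an assumption, since the advisory names no exact build.

```python
import re

# From the advisory: "Update Google Chrome to version 147 or later".
FIXED_MAJOR = 147

# Chrome versions have four numeric parts: MAJOR.MINOR.BUILD.PATCH
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the 4-part version as a tuple of ints, or None if absent."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text):
    """Classify one reported version string as patched/vulnerable/unknown."""
    version = parse_version(text)
    if version is None:
        return "unknown"
    # Compare as integers: a string comparison would rank "99" above "147".
    return "patched" if version[0] >= FIXED_MAJOR else "vulnerable"


def audit(inventory):
    """Group host names by patch status; inventory maps host -> raw string."""
    report = {"patched": [], "vulnerable": [], "unknown": []}
    for host, raw in inventory.items():
        report[classify(raw)].append(host)
    return {status: sorted(hosts) for status, hosts in report.items()}


def needs_action(report):
    """Hosts to follow up on: unpatched, or no usable version reported."""
    return sorted(report["vulnerable"] + report["unknown"])


# Constructed sample data: hypothetical hosts and build numbers.
SAMPLE_INVENTORY = {
    "ws-001": "Google Chrome 146.0.1000.10",
    "ws-002": "Google Chrome 147.0.1000.20 ",
    "ws-003": "148.0.1000.5",
    "ws-004": "",
    "ws-005": "Google Chrome 99.0.1000.1",
}

if __name__ == "__main__":
    result = audit(SAMPLE_INVENTORY)
    for status, hosts in result.items():
        print(f"{status}: {', '.join(hosts) or '-'}")
    print("follow up:", ", ".join(needs_action(result)))
```

Hosts that report no parsable version are listed for follow-up rather than assumed patched.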
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the high CVSS score and the prevalence of Chrome in enterprise environments, organizations must prioritize patching. Administrators should deploy the latest Chrome update across all managed endpoints to mitigate the risk of remote exploitation.