CVE-2026-9899
Google · Chrome
A use-after-free vulnerability exists in the ANGLE component of Google Chrome, potentially allowing for sandbox escapes.
Executive summary
A high-severity use-after-free vulnerability in Google Chrome's ANGLE component poses a significant risk of sandbox escape for affected users.
Vulnerability
This is a use-after-free vulnerability located within the ANGLE graphics engine. An unauthenticated remote attacker who has already compromised the renderer process can leverage this flaw via a crafted HTML page to potentially escape the browser sandbox.
Business impact
With a CVSS score of 8.3, this vulnerability represents a high risk to organizational security. Successful exploitation could allow an attacker to move beyond the browser's security boundaries, leading to unauthorized system access, data theft, or the execution of arbitrary code on the underlying host operating system.
Remediation
Immediate Action: Update all Google Chrome installations to version 148.0.7778.216/217 (Windows), 148.0.7778.215/216 (macOS), or 148.0.7778.215 (Linux).
Proactive Monitoring: Review endpoint security logs for unusual browser process behavior or attempts to access restricted system resources.
Compensating Controls: Ensure that browser-based security policies are strictly enforced and utilize endpoint detection and response (EDR) solutions to identify anomalous process execution.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the potential for sandbox escape and the high CVSS score, this update should be treated with high priority. Organizations should automate the deployment of the latest Chrome browser updates to all workstations to mitigate the risk of remote code execution and system compromise.