Google Chrome users will receive a patch later this week that fixes a severe vulnerability that can be manipulated by attackers to execute arbitrary code. The flaw lied in the Chrome 85 stable channel, however, has since been fixed by the company. The flaw is a bug in the WebGL (Graphics Library) components of the Chrome browser that allows users to render 2D and 3D graphics within the browser, utilizing Javascript API.
The flaw in question stems from the WebGL component’s inability to properly handle objects stored in memory within the rendering function. According to researchers, a cyberattacker could use the vulnerability to manipulate the memory layout of the browser, allowing them to access the use-after-free exploit. This could eventually lead to arbitrary code execution. Google has urged its customers to implement the update as soon as possible, as it ranks 8.3 out of 10 on the CVSS scale.
Read More: Google Fixes High-Severity Chrome Browser Code Execution Bug