The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months.
Google is hurrying out a fix for a vulnerability in its Chrome browser that’s under active attack – its third zero-day flaw so far this year. If exploited, the flaw could allow remote code-execution and denial-of-service attacks on affected systems.
The vulnerability exists in Blink, the browser engine for Chrome developed as part of the Chromium project. Browser engines convert HTML documents and other web page resources into the visual representations viewable to end users.
“The Stable channel has been updated to 89.0.4389.90 for Windows, Mac and Linux which will roll out over the coming days/weeks,” according to Google’s Friday security update.