Google updated its Chrome Stable channel to version 77.0.3865.90 for Windows, Mac, and Linux to implement four security fixes, one rated critical and three high.
The critical CVE-2019-13685 covers a use-after-free in UI issue; CVE-2019-13688 (high) deals with a use-after-free in media; CVE-2019-13687 (high) a use-after-free in media and CVE-2019-13686 (high) a use-after-free in offline pages.
The successful exploitation of these could allow an attacker to execute arbitrary code in the context of the browser, obtain sensitive information, bypass security restrictions and perform unauthorized actions, or cause denial-of-service conditions.
There are no reports of these vulnerabilities being exploited in the wild.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street