Google updated its Chrome Stable channel to version 77.0.3865.90 for Windows, Mac, and Linux to implement four security fixes, one rated critical and three high.
The critical CVE-2019-13685 covers a use-after-free in UI
issue; CVE-2019-13688 (high) deals with a use-after-free in media; CVE-2019-13687
(high) a use-after-free in media and CVE-2019-13686 (high) a use-after-free in
offline pages.
The successful exploitation of these could allow an attacker to execute arbitrary
code in the context of the browser, obtain sensitive information, bypass
security restrictions and perform unauthorized actions, or cause
denial-of-service conditions.
There are no reports of these vulnerabilities being
exploited in the wild.
Gloss