Recently, a security researcher released the POC details of the Chrome 0-Day remote code execution vulnerability. This vulnerability has been verified. At present, Google has only released a beta version of Chrome (90.0.4430.70) fixes for this vulnerability. There are still vulnerabilities in the stable version of Chrome (89.0.4389.114).
An attacker can use this vulnerability to construct a malicious web page, which will cause remote code execution when the user visits the page.
We recommend that users pay attention to the Chrome stable version update and fix the vulnerabilities in time. It is strongly recommended that users run Chrome in SandBox mode.