update of the Chrome browser 77.0.3865.90, which eliminates four vulnerabilities, one of which has been assigned the status of a critical problem, which allows you to bypass all levels of browser protection and execute code on the system, outside the sandbox environment. Details about the critical vulnerability (CVE-2019-13685) so far , we only know that it is caused by accessing an already freed memory block in handlers associated with the user interface (access to the information will be open after most users install the update).
The remaining three vulnerabilities are marked as dangerous. Problems are also caused by accessing an already freed memory block (Use-after-free) in the code for processing offile pages (CVE-2019-13686) and multimedia data (CVE-2019-13687, CVE-2019-13688). Google paid researchers who identified problems in multimedia processors a reward of $20 for each vulnerability. The size of the bonus for the other two vulnerabilities has not yet been determined.
Source: opennet.ru