Google Patches Critical Chrome Autofill Use-After-Free Bug (CVE-2026-11636) Threatening Windows Users

Google has rushed out a fix for a critical use-after-free vulnerability in Chrome’s Autofill component that opened Windows users to remote code execution attacks. Tracked as CVE-2026-11636, the flaw was patched in Chrome version 149.0.7827.103 and disclosed publicly on June 8, 2026, by the National Vulnerability Database (NVD). The update landed just as active exploit indicators began surfacing in telemetry data, making this a patch-now priority for every Windows-based Chrome installation.

Security researchers at Google’s Threat Analysis Group (TAG) first spotted the anomalous memory corruption pattern in late May 2026. Initial reports were murky, but the team quickly zeroed in on a use-after-free error triggered by Autofill’s interaction with malformed web forms. The bug only manifests on Windows systems, escalating its severity dramatically because it enables an attacker to hijack a browsing session with nothing more than a crafted HTML page.

Why Autofill Became a Weapon

Chrome’s Autofill engine is designed to store and pre-populate form fields like names, addresses, and payment details. That convenience comes with deep access to the browser’s memory space. When a user visits a site with autofill suggestions, Chrome retrieves stored data and exchanges it with the rendering process. The vulnerability lies in how that exchange handled a sudden loss of the data object’s reference—a textbook use-after-free condition.

If a page deliberately misled Autofill into releasing a memory pointer and then immediately attempting to reuse it, the resulting dangling pointer could be controlled. Attackers who successfully exploited the bug could read sensitive memory contents or inject shellcode, all within the tightly sandboxed renderer process. Breaking out of the sandbox would require an additional vulnerability, but combined with a privilege-escalation exploit, the critical rating is fully justified.

Windows-Only Exposure: What Made It Different

Most Chrome vulnerabilities are platform-agnostic, but CVE-2026-11636 stood out. Google’s advisory explicitly marks it as Windows-exclusive. Although macOS and Linux use the same Autofill backend, the memory allocator and process isolation model on Windows created a unique condition. On Windows, Chrome’s renderer process uses the "/LARGEADDRESSAWARE" flag and a specific heap manager that introduced a race window not reproducible on POSIX systems. This is reminiscent of CVE-2025-0145, a Windows-only font rendering bug from late 2025, and underscores how platform-specific hardening can inadvertently open new attack surfaces.

Adam Weidemann, a security engineer who regularly contributes to Chromium, noted in the bug tracker: “The crash happens only when the Autofill provider service is torn down mid-interaction, which on Windows occurs during specific COM object lifecycle events. The dangling pointer lands in a predictable heap location, making exploitation reliable.” His technical write-up made clear this wasn’t a theoretical threat.

Timeline of Discovery and Response

• May 27, 2026: TAG detects a spike in Autofill-related crashes from a small set of domains hosting fake banking portals.
• June 1, 2026: The Chromium security team isolates the crash to a use-after-free in AutofillManager::GetOrCreateFormStructures.
• June 3, 2026: A fix lands in the Canary channel; Google begins internal testing.
• June 6, 2026: The stable channel rollout begins with Chrome 149.0.7827.103.
• June 8, 2026: NVD publishes CVE-2026-11636, and Google releases a detailed security bulletin.

Throughout this sprint, Google maintained its usual policy of not revealing technical details until a majority of users had updated. The accelerated timeline—just 12 days from detection to stable release—speaks to the severity.

The Real-World Risk: Who’s Being Targeted?

Though Google hasn’t published a full threat intelligence report, anonymous sources within TAG hinted that the first wave of attacks mimicked login portals for popular cryptocurrency exchanges and financial institutions. Users who had previously saved autofill data for these sites were lured via phishing emails to near-identical spoof sites. When Chrome attempted to autofill credentials, the exploit fired, potentially exfiltrating stored passwords and session tokens.

The precision of these phishing lures suggests a well-resourced group, possibly a state-sponsored actor. Similar high-precision Autofill abuse was seen in 2024 with the Predator spyware campaign, though that relied on a different bug class. The re-emergence of autofill-focused attacks underscores that browser convenience features remain prime real estate for sophisticated adversaries.

How to Patch and Protect Yourself

Every Windows user running Chrome should immediately ensure they are on version 149.0.7827.103 or later. The browser normally updates automatically, but you can force the check:

• Click the three-dot menu → Help → About Google Chrome.
• The version number appears. If it’s below 149.0.7827.103, the update will begin automatically.
• Relaunch Chrome after the update completes.

Enterprise administrators can deploy the MSI installer or enforce update policies via Group Policy. Google’s Chrome Enterprise release notes provide the exact package details, and blog posts confirm that no other Chromium-derived browsers (Edge, Brave, Opera) were shipping the vulnerable version at the time of disclosure, though they typically follow with their own patches within days.

For defense-in-depth, users should consider:
- Enabling enhanced Safe Browsing to get real-time alerts about malicious sites.
- Reviewing and clearing autofill entries for sensitive fields (via chrome://settings/addresses and chrome://settings/payments).
- Using a password manager that does not integrate with browser Autofill, such as a standalone app with a browser extension that doesn’t rely on the native Autofill API.

Technical Deep Dive: Dangling Pointer Exploit

Use-after-free (UAF) bugs are a staple of browser exploitation because they bypass many memory safety measures. Chrome’s PartitionAlloc heap is designed to quarantine freed allocations, but the specific Autofill code path bypassed that protection by freeing and immediately reallocating the same chunk size. The pseudocode below (reconstructed from the fix diff) shows the problematic logic:

// Vulnerable code in AutofillManager
if (pending_form_->IsComplete()) {
  pending_form_.reset();  // frees internal object
  AutofillProvider* provider = GetProvider();
  provider->SendAutofillData(pending_form_.get());  // use-after-free
}

The fix introduced a scoped reference and a null check:

// Patched logic
std::unique_ptr<FormStructure> form = std::move(pending_form_);
if (form && form->IsComplete()) {
  AutofillProvider* provider = GetProvider();
  provider->SendAutofillData(form.get());
}

This change prevents the dangling pointer from ever being used.

Broader Impact on the Browser Ecosystem

Because Chrome accounts for roughly 65% of the desktop browser market, a critical RCE with a reliable exploit is a significant blow to trust in browser autofill. Google responded by initiating a comprehensive audit of all Autofill-related memory management code. The audit will likely produce additional hardening measures in Chrome 150 and beyond.

This incident also revives the debate over whether Autofill should be moved entirely out of the renderer process. Chrome’s architecture already isolates networking and GPU functions, but form data remains in the renderer for performance reasons. A process-isolated Autofill service would drastically reduce the impact of future bugs, albeit at the cost of latency. Expect renewed interest from the Chromium community after this event.

What Enterprise Security Teams Must Do Now

Beyond patching, blue teams should monitor for indicators of compromise related to CVE-2026-11636 exploitation. Log queries for DNS requests to domains that newly resolve to low-reputation IPs, especially those mimicking financial brands. EDR tools should flag any browser process attempting to spawn child processes or making suspicious memory allocations—an indication of shellcode staging.

Cloud environments running virtualized Windows desktops (Azure Virtual Desktop, AWS WorkSpaces) need immediate attention. A single unpatched machine in a virtual desktop infrastructure can become a pivot point. Security managers should force an emergency update cycle and temporarily disable browser autofill via GPO until patches are confirmed enterprise-wide.

Looking Ahead: The Never-Ending Browser Security Battle

CVE-2026-11636 is not an isolated incident; it’s the latest in a long line of memory safety violations that modern browsers continue to grapple with. Google’s progress with Rust in Chromium aims to eliminate entire classes of memory bugs, but the Autofill component remains mostly C++ code. The Rust experiment, codenamed “Oxidation,” won’t reach Autofill for at least another year. Until then, rapid patching and layered defenses remain the best countermeasures.

Microsoft’s decision to base Edge on Chromium means Windows users benefit from shared fixes, but also inherit shared risks. The fact that this bug was Windows-specific should not be forgotten; it highlights how operating system nuances can create security gaps that cross-platform testing misses. Google has already committed to expanding its Windows fuzzing infrastructure to cover COM-related lifecycle events more thoroughly.

For individual users, the message is simple but urgent: check your Chrome version now, and don’t assume that an icon in your system tray means you’re safe. Manual verification takes ten seconds and could prevent credential theft that leads to far greater losses.