A high-severity vulnerability has been identified in the ANGLE graphics engine component of Google Chrome on macOS. This flaw, an out-of-bounds memory access, can be exploited by an attacker using a specially crafted web page to potentially execute arbitrary code on a user's system, leading to a full compromise of the affected machine. Due to confirmed active exploitation in the wild, immediate patching is critical to prevent data theft, malware installation, and further network intrusion.

The vulnerability is an out-of-bounds memory access flaw within ANGLE (Almost Native Graphics Layer Engine), a component used by Google Chrome to translate OpenGL ES calls to native desktop graphics APIs. An attacker can trigger this vulnerability by tricking a user into visiting a malicious or compromised website containing specially crafted graphics content. This action causes the application to read from or write to a memory location outside of the intended buffer, which can lead to information disclosure, a denial-of-service (browser crash), or, most critically, arbitrary code execution in the context of the logged-in user.

This vulnerability is rated as High severity with a CVSS score of 8.8. A successful exploit could have a significant negative impact on the organization. An attacker could execute malicious code on an employee's computer simply by having them visit a website, bypassing traditional perimeter defenses. This could lead to the theft of sensitive corporate data, intellectual property, employee credentials, or financial information. Furthermore, a compromised endpoint could be used as a beachhead for attackers to move laterally within the corporate network, install ransomware, or deploy persistent backdoors.

Immediate Action: All instances of Google Chrome on macOS endpoints must be updated to version 143 or later immediately. This is the most effective way to remediate the vulnerability. IT and security teams should verify patch deployment and monitor systems for any signs of post-patch exploitation attempts or indicators of a prior compromise by reviewing access and endpoint logs.

Proactive Monitoring: Security teams should actively monitor for indicators of compromise (IoCs) related to this vulnerability. This includes looking for unusual child processes spawned by the Chrome browser process on macOS, unexpected network connections from workstations to unknown IP addresses, and alerts from Endpoint Detection and Response (EDR) solutions related to memory corruption or browser-based exploits.

Compensating Controls: If immediate patching is not feasible, the following temporary controls can help reduce risk:

• Implement enhanced web filtering to block access to untrusted or newly registered domains.
• Ensure EDR and antivirus solutions are updated with the latest signatures and behavioral detection rules to identify and block exploit attempts.
• Advise users to exercise extreme caution when clicking links or visiting unfamiliar websites.
• Temporarily direct users to use an alternative, unaffected web browser for critical operations if available.

Public Exploit Available: false

Given the high CVSS score of 8.8 and its status as a known exploited vulnerability (CISA KEV), this issue must be treated as a critical priority. We strongly recommend that all affected Google Chrome installations on macOS devices are patched immediately to version 143 or newer. The confirmed active exploitation of this vulnerability significantly increases the risk to the organization, and remediation efforts should be fast-tracked and completed well before the CISA KEV deadline to prevent a potential system compromise.