CVE-2026-11687
Google · Chrome
A use-after-free vulnerability in the Dawn component of Google Chrome on Mac prior to version 149 may allow for arbitrary code execution.
Executive summary
A high-severity use-after-free vulnerability in the Google Chrome Dawn component on macOS could enable remote attackers to execute arbitrary code.
Vulnerability
This issue occurs within the Dawn component, which handles WebGPU operations in the browser. An unauthenticated attacker could trigger a use-after-free error, leading to memory corruption and potential code execution on the host machine.
Business impact
The vulnerability carries a CVSS score of 8.8, reflecting its potential to bypass browser sandboxing mechanisms. Exploitation could allow an attacker to gain a foothold on the target machine, facilitating data theft or further malicious activity within the internal network.
Remediation
Immediate Action: Update Google Chrome on all macOS endpoints to version 149 or later as soon as possible.
Proactive Monitoring: Review system logs on macOS for unusual process activity or attempts to access restricted memory areas.
Compensating Controls: Employ endpoint security solutions to block suspicious browser-based activities and alert on unauthorized execution attempts.
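One way to verify the Immediate Action above on a macOS endpoint, as an added example that is not part of the original advisory: it reads the version of an installed Google Chrome.app bundle and compares its major version with 149. The function names and the two default bundle paths are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the advisory): audit a Mac for the fixed Chrome version.
FIXED_MAJOR=149   # from the advisory: versions prior to 149 are affected

# chrome_status VERSION -> prints patched | vulnerable | unknown (returns 0 | 1 | 2)
chrome_status() {
    major=${1%%.*}
    case "$major" in
        ''|*[!0-9]*) echo unknown; return 2 ;;   # empty or non-numeric major
    esac
    if [ "$major" -ge "$FIXED_MAJOR" ]; then echo patched; return 0; fi
    echo vulnerable; return 1
}

# bundle_version APP_PATH -> prints CFBundleShortVersionString of the bundle
bundle_version() {
    plist="$1/Contents/Info.plist"
    [ -f "$plist" ] || return 1
    if [ -x /usr/libexec/PlistBuddy ]; then
        /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist" 2>/dev/null
    else
        # Fallback for XML plists when PlistBuddy is unavailable (e.g. offline triage of a copied bundle)
        sed -n '/<key>CFBundleShortVersionString<\/key>/{n;s/.*<string>\(.*\)<\/string>.*/\1/p;}' "$plist"
    fi
}

# audit_chrome [APP_PATH...] -> one tab-separated line per bundle; returns 1 if any is not patched
audit_chrome() {
    rc=0
    [ "$#" -gt 0 ] || set -- "/Applications/Google Chrome.app" "$HOME/Applications/Google Chrome.app"  # assumed default paths
    for app in "$@"; do
        [ -d "$app" ] || continue                 # bundle not present at this path
        ver=$(bundle_version "$app") || ver=""
        state=$(chrome_status "$ver") || rc=1     # vulnerable and unknown both fail the audit
        printf '%s\t%s\t%s\n' "$state" "${ver:-?}" "$app"
    done
    return "$rc"
}
# On an endpoint: source this file, then run `audit_chrome` (optionally with bundle paths).
```

A bundle that reports 149 or later on disk still requires a browser relaunch before the running processes use the fixed build.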
Exploitation status
Public Exploit Available: false
Analyst recommendation
Administrators should prioritize patching all macOS clients running Google Chrome. Proactive updates are essential to mitigating this high-severity threat and maintaining a secure computing posture across the organization.