CVE-2026-12023

Google · Chrome

A use-after-free vulnerability in the GPU component of Google Chrome for Mac allows for potential sandbox escape via crafted HTML content.

Executive summary

A high-severity use-after-free vulnerability in the GPU component of Google Chrome for Mac exposes users to potential sandbox escape and system compromise.

Vulnerability

This is a use-after-free vulnerability in the GPU component. A remote attacker who has compromised the renderer process could use a crafted HTML page to trigger it, which could lead to a sandbox escape.

Business impact

With a CVSS score of 8.3, this vulnerability represents a severe threat to macOS environments. Successful exploitation allows an attacker to bypass the sandbox, the browser's primary defense layer, potentially leading to unauthorized access to sensitive user data or further exploitation of the host system.

Remediation

Immediate Action: Update all Google Chrome instances on Mac to version 149.0.7827.115 immediately.

Proactive Monitoring: Monitor endpoint security logs for unexpected browser crashes or unusual GPU-related process activity, either of which may indicate exploitation attempts.

Compensating Controls: Implement endpoint protection solutions that can identify and block malicious code execution originating from browser processes.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Security teams should enforce the update to version 149.0.7827.115 across all Mac workstations. Swift remediation is essential to maintain the integrity of browser-based security boundaries.
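A check for the update that the Remediation and Analyst recommendation sections call for, as an added example that is not part of the original advisory: it compares a Chrome version string numerically, field by field, against 149.0.7827.115. The function names, the sample versions and the default bundle path are assumptions of this example, and any build below that version is treated as needing the update.

```shell
#!/bin/sh
# Added example (not from the advisory): flag Chrome builds older than the
# version named in the Remediation section.
FIXED_VERSION="149.0.7827.115"

# is_version S: succeed when S is made of dot-separated decimal fields only.
is_version() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
        *) return 0 ;;
    esac
}

# version_lt A B: succeed when A is strictly lower than B. Fields are compared
# as numbers, left to right (so .20 < .115); missing fields count as 0.
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        fa=${fa:-0}; fb=${fb:-0}
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
    done
    return 1
}

# chrome_status VERSION: print PATCHED, UPDATE-REQUIRED or UNKNOWN.
chrome_status() {
    if ! is_version "$1"; then echo UNKNOWN
    elif version_lt "$1" "$FIXED_VERSION"; then echo UPDATE-REQUIRED
    else echo PATCHED
    fi
}

# installed_chrome_version: read the version from the app bundle (macOS only).
# Assumption: Chrome sits in the default /Applications location.
installed_chrome_version() {
    plist="/Applications/Google Chrome.app/Contents/Info.plist"
    [ -f "$plist" ] || return 1
    /usr/libexec/PlistBuddy -c "Print :CFBundleShortVersionString" "$plist"
}

# Constructed sample versions, then the local install when one is found.
for v in 148.0.7700.10 149.0.7827.20 149.0.7827.115 150.0.1.0 "not installed"; do
    printf '%-16s %s\n' "$v" "$(chrome_status "$v")"
done
if v=$(installed_chrome_version); then printf 'local %s %s\n' "$v" "$(chrome_status "$v")"; fi
```

Chrome keeps running the old binary until it is relaunched, so a patched bundle version on disk does not by itself mean the running browser is patched.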