CVE-2026-12468

Google · Chrome

A race condition within the Google Chrome Updater for macOS could allow an attacker to interfere with the update process, potentially leading to unauthorized operations.

Executive summary

A high-severity race condition in the Google Chrome Updater for macOS could allow unauthorized system-level manipulation.

Vulnerability

This vulnerability involves a race condition in the browser's updater mechanism. An attacker could potentially exploit the timing of update operations to gain elevated control over the application's lifecycle or security parameters.

Business impact

An attacker successfully exploiting the updater component could potentially bypass security updates or force the installation of unauthorized code, undermining the integrity of the browser environment. With a CVSS score of 8.3, this represents a major risk to enterprise endpoint security and the reliability of automated patch management processes.

Remediation

Immediate Action: Apply the vendor-provided update to version 149 or higher to patch the race condition within the updater module.

Proactive Monitoring: Review system logs for anomalous activity specifically related to the browser update process or unexpected installation events.

Compensating Controls: Utilize endpoint management tools to strictly control binary execution permissions and prevent unauthorized modifications to application directories.
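
To confirm the Immediate Action step has landed across a fleet, the following added example (not part of the original advisory or any vendor tooling) flags macOS hosts whose Chrome major version is below 149. The "hostname version" inventory format, the sample hostnames and build numbers, and the default install path are assumptions made for illustration.

```shell
#!/bin/sh
FIXED_MAJOR=149   # from the advisory: "version 149 or higher"

# Print the major component of a dotted version string; fail if malformed.
chrome_major() {
    case "$1" in
        ''|*[!0-9.]*|.*) return 1 ;;
    esac
    printf '%s\n' "${1%%.*}"
}

# Exit 0 if still below the fixed major, 1 if patched, 2 if unparseable.
needs_update() {
    major=$(chrome_major "$1") || return 2
    [ "$major" -lt "$FIXED_MAJOR" ]
}

# On a macOS host, read the installed version from the app bundle.
# Assumes the default install path unless another bundle path is passed.
local_chrome_version() {
    /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' \
        "${1:-/Applications/Google Chrome.app}/Contents/Info.plist"
}

# Read "hostname version" lines on stdin (assumed export format) and print
# one line per host that is unpatched or whose version cannot be read.
audit_inventory() {
    while read -r host version rest; do
        case "$host" in ''|'#'*) continue ;; esac
        rc=0
        needs_update "$version" || rc=$?
        case "$rc" in
            0) printf 'VULNERABLE %s %s\n' "$host" "$version" ;;
            2) printf 'UNKNOWN %s %s\n' "$host" "${version:-missing}" ;;
        esac
    done
    return 0
}

# Constructed sample inventory (not real hosts or real build numbers).
sample_inventory() {
    cat <<'EOF'
# host          chrome_version
mac-build-01    148.0.7000.10
mac-design-07   149.0.7100.5
mac-lab-03      n/a
EOF
}

sample_inventory | audit_inventory
```

Hosts reported as UNKNOWN deserve the same follow-up as VULNERABLE ones, since an unreadable version means the patch state is unverified.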

Exploitation status

Public Exploit Available: false

Analyst recommendation

Maintaining a secure update mechanism is critical for browser integrity. Organizations must immediately update Google Chrome on all macOS systems to ensure that the updater component is no longer susceptible to this race condition.