CVE-2026-13035
Google · Chrome
A use-after-free vulnerability in the Bluetooth component of Google Chrome on macOS prior to version 149 could allow for arbitrary code execution.
Executive summary
A high-severity use-after-free in the Bluetooth component of Google Chrome for macOS, fixed in Chrome 149, can be triggered from web content and lead to arbitrary code execution in the Chrome process that owns the freed object.
Vulnerability
The flaw is a use-after-free in the Bluetooth component of the macOS build of Chrome; the defect is specific to that platform's build. An unauthenticated, remote attacker can reach the freed object by luring a user to a malicious web page and having the user interact with it so that the page invokes the affected Bluetooth API. As with other use-after-free bugs in the browser, control of the freed object's memory is the step that turns the condition into arbitrary code execution.
Business impact
Successful exploitation yields code execution inside Chrome. Full system compromise additionally requires escaping the browser sandbox (or the vulnerable code running in a process that the sandbox does not confine), so a chained second bug is the realistic path from this flaw to the host. The CVSS base score of 8.8 maps to High rather than Critical, but the combination of remote reachability and code execution still makes this a top-priority patch for organizations running Chrome on macOS.
Remediation
Immediate Action: Update Google Chrome on all macOS devices to version 149 or later, and confirm the installed version rather than relying on auto-update having run.
Proactive Monitoring: Watch macOS workstations for unexplained Chrome crashes and for Web Bluetooth permission prompts or device pairings from sites with no business need for hardware access; a crash in the Bluetooth code path on an unpatched build is worth investigating as an attempted trigger.
Compensating Controls: Until every endpoint is on 149 or later, use Chrome's enterprise policies to disable Web Bluetooth for sites that do not need it (DefaultWebBluetoothGuardSetting set to 2 blocks it by default; WebBluetoothAskForUrls allow-lists the exceptions), and keep macOS itself fully patched so the OS-level mitigations the browser sandbox depends on are current.
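The following script is an added example, not part of this advisory or of Google's own tooling, for checking a macOS endpoint against the two remediation items above: is the installed Chrome at or above the fixed major version, and is Web Bluetooth blocked by policy? It assumes the standard install path /Applications/Google Chrome.app and reads the policy value from the com.google.Chrome preference domain; if you deploy policies through a configuration profile, verify the same key in chrome://policy on a managed machine.

```shell
#!/bin/sh
# Added example: endpoint check for CVE-2026-13035 on macOS.
# Assumptions (not from the advisory): Chrome lives at the default
# install path, and the DefaultWebBluetoothGuardSetting policy, if set,
# is readable from the com.google.Chrome preference domain.

FIXED_MAJOR=149
CHROME_PLIST="/Applications/Google Chrome.app/Contents/Info.plist"

# Return 0 if the Chrome version string (e.g. "148.0.7200.1") is at or
# above the fixed major version, 1 if it is older, 2 if unparseable.
chrome_is_patched() {
    ver="$1"
    major="${ver%%.*}"
    case "$major" in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ "$major" -ge "$FIXED_MAJOR" ]
}

# Read CFBundleShortVersionString from the app bundle; print "unknown"
# when Chrome is not installed at the assumed path.
installed_chrome_version() {
    if [ -f "$CHROME_PLIST" ]; then
        defaults read "$CHROME_PLIST" CFBundleShortVersionString 2>/dev/null || echo unknown
    else
        echo unknown
    fi
}

# Map the DefaultWebBluetoothGuardSetting policy value to a label:
# 2 = Web Bluetooth blocked for all sites, 3 = ask the user (the
# browser default), anything else = policy not set.
web_bluetooth_policy_state() {
    case "$1" in
        2) echo blocked ;;
        3) echo ask ;;
        *) echo unmanaged ;;
    esac
}

report() {
    ver="$(installed_chrome_version)"
    if chrome_is_patched "$ver"; then
        echo "Chrome $ver: fixed build (>= $FIXED_MAJOR)"
    else
        echo "Chrome $ver: UPDATE REQUIRED for CVE-2026-13035"
    fi
    policy="$(defaults read com.google.Chrome DefaultWebBluetoothGuardSetting 2>/dev/null || true)"
    state="$(web_bluetooth_policy_state "$policy")"
    echo "Web Bluetooth policy: $state"
    if [ "$state" != blocked ] && ! chrome_is_patched "$ver"; then
        echo "Compensating control missing: unpatched build with Web Bluetooth reachable"
    fi
}

report
```

Run it as the logged-in user under your MDM's script runner; the last line is the condition that matters for prioritization, since a patched build needs no policy workaround and a blocked policy buys time on an unpatched one.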
Exploitation status
Public Exploit Available: false
Analyst recommendation
Users and administrators of macOS systems running Chrome should treat this update as urgent. A memory-safety bug in the code that bridges web content to the host's Bluetooth stack is exactly the kind of flaw that gets chained with a sandbox escape, so patching promptly protects both the browser's hardware interaction layer and the operating system beneath it.