Google has addressed a security weakness in Chrome for macOS – one signaled by Mac-maker Apple itself after it learned that hackers may be exploiting it to compromise end users.
Google’s steady stream of updates for Chrome, the world’s most popular browser, ensures you get the latest security amendments before the bad guys can capitalize on any weakness.
The latest version for desktop users quietly addresses a vulnerability that, according to both Google and Apple, criminals may be actively exploiting.
Tracked as CVE-2025-24201 and designated as high-risk, the flaw is described as an “out of bounds write [issue] in GPU on Mac.”
“Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild,” reads the advisory.
The issue, reported to Google by Apple’s Security Engineering and Architecture (SEAR) team on March 5, is one of the key vulnerabilities fixed in Apple’s latest round of security patches and carries a similar high-risk rating.
Malicious actors can use an out-of-bounds error to trick a program into accessing memory at locations it should not be able to reach.
At a minimum, an attack might cause the program to behave unpredictably or crash.
It can also, though, reveal memory contents that should be inaccessible, like encryption keys, passwords, or other sensitive data.
Cybercriminals might also redirect the execution flow to malicious code of their making or exploit the error to gain unauthorized elevated privileges on the target machine, which can lead to lateral damage on a wider network.
Threat actors have been known to use vulnerabilities in Chrome to gain a foothold on a victim’s device and deliver malicious payloads, including spyware wielded in highly-targeted attacks.
Even if you don’t consider yourself a target for hackers, Bitdefender recommends you deploy the latest updates for all your personal devices the moment they're available – especially when the vendor tags the addressed issues as potentially exploited in the wild.
As of today, Chrome users will want to be on:
· Chrome 134.0.6998.88/.89 on Windows and Mac
· Chrome 134.0.6998.88 on Linux
· Chrome 134.0.6998.95 on Android
· Chrome 134.0.6998.99 on iOS
Chrome is programmed to check for the latest version on every relaunch. If you haven’t closed Chrome in a while, start the process manually. Visit the three-dotted options menu, choose Settings -> About Chrome, and let the browser fetch the latest version from Google’s servers. When prompted, relaunch Chrome.
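For anyone responsible for more than one machine, the version floor listed above can be checked mechanically. The script below is an added example, not part of the original article or any Google tooling; the platform keys, host names and sample inventory are constructed for illustration, and the fixed builds are the ones listed above (the lower build where two are given).

```python
import re

# Fixed builds as listed in the article (lower build where two are given).
FIXED = {
    "windows": "134.0.6998.88",
    "mac": "134.0.6998.88",
    "linux": "134.0.6998.88",
    "android": "134.0.6998.95",
    "ios": "134.0.6998.99",
}

# Chrome versions have four numeric parts: MAJOR.MINOR.BUILD.PATCH
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(text):
    """Extract the four-part version from text such as 'Google Chrome 134.0.6998.88'."""
    match = VERSION_RE.search(text)
    if not match:
        raise ValueError(f"no Chrome version found in {text!r}")
    # Compare as integers: as strings, '134.0.6998.108' would sort below '134.0.6998.88'.
    return tuple(int(part) for part in match.groups())

def is_patched(platform, reported):
    """True if the reported version is at or above the fixed build for the platform."""
    return parse_version(reported) >= parse_version(FIXED[platform.lower()])

def audit(inventory):
    """Return hosts that are below the fixed build or could not be evaluated."""
    flagged = []
    for host, platform, reported in inventory:
        try:
            ok = is_patched(platform, reported)
        except (KeyError, ValueError):
            ok = False  # unknown platform or unparsable version: flag for manual review
        if not ok:
            flagged.append(host)
    return flagged

# Constructed sample inventory: (host, platform, version string as reported).
SAMPLE = [
    ("mac-01", "mac", "Google Chrome 134.0.6998.89"),
    ("mac-02", "mac", "Google Chrome 134.0.6998.45"),
    ("win-07", "windows", "133.0.0.1"),
    ("lin-03", "linux", "Google Chrome 134.0.6998.88"),
    ("pixel-1", "android", "134.0.6998.108"),
    ("kiosk-9", "mac", "unknown"),
]

if __name__ == "__main__":
    for host in audit(SAMPLE):
        print(f"{host}: update Chrome or review manually")
```

On a desktop system the version string can be read from the About Chrome page described above or from running the Chrome binary with `--version`.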
For peace of mind, consider running a dedicated security solution on all your personal devices.
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
March 12, 2025