Security News > 2021 > May > Chrome on Windows turns on Intel, AMD chip-level defenses against malicious websites

Chrome on Windows turns on Intel, AMD chip-level defenses against malicious websites
2021-05-06 07:23

Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection.

This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.

Released in April, Chrome 90 supports Intel's Control-flow Enforcement Technology [PDF], a processor-based defense against exploits that use something like Return Oriented Programming to violate a program's control-flow integrity.

As Google Chrome security engineer Alex Gough observed, this is particularly promising because one of Chrome's defenses, its multi-process architecture, can be overcome by ROP attacks.

Gough said Windows' Control Flow Guard technology can help bridge this gap to verify the target of an indirect function call, and Google plans to add CFG support to Chrome for Windows eventually.

Chrome's CET implementation "May affect stability if software that loads itself into Chrome is not compatible with the mitigation," said Gough.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/05/06/chrome_code_protection/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Intel 6314 31 755 708 45 1539
AMD 892 5 120 122 27 274