Chrome on Windows turns on Intel, AMD chip-level defenses against malicious websites
Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection.
This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.
Released in April, Chrome 90 supports Intel's Control-flow Enforcement Technology (CET), a processor-based defense against exploits that use something like Return Oriented Programming (ROP) to violate a program's control-flow integrity.
As Google Chrome security engineer Alex Gough observed, this is particularly promising because one of Chrome's defenses, its multi-process architecture, can be overcome by ROP attacks.
Gough said Windows' Control Flow Guard technology can help bridge this gap to verify the target of an indirect function call, and Google plans to add CFG support to Chrome for Windows eventually.
Chrome's CET implementation "may affect stability if software that loads itself into Chrome is not compatible with the mitigation," said Gough.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/05/06/chrome_code_protection/