Google Chrome Embraces Exploit Protection Feature Available on
Posted On May 6, 2021
Google Chrome has enhanced user data security by enabling hardware-enforced stack protection technology that was first adopted on Windows 10 last year. The enhanced security on the browser can help restrict attackers from exploiting security bugs on the system. The hardware-enforced stack protection technology works with computers based on Windows 20H1 (December Update) or later, running on processors with Control-flow Enforcement Technology (CET) such as AMD Zen 3 Ryzen and 11th-generation Intel CPUs. It is also a part of Chrome 90, the browser version that Google released last month.
Although Google Chrome already has a multi-process architecture that reduces the severity of a bug, stack protection is designed to further enhance security by using the CET chip security extension. This enables the CPU to maintain a shadow stack along with the existing stack that cannot be directly manipulated by normal program code.
The stack protection technology is designed to provide security against exploitation techniques such as Return-Oriented Programming (ROP) and Jump Oriented Programming (JOP). Both these techniques are often used by attackers to gain access to a system by executing malicious code through a browser. The technology may allow an attacker to execute a small fragment of their code but is crafted to stop them when they try to run the malicious code fully.
Having said that, Google does acknowledge that stack protection can be bypassed in some contexts. It is, thus, working to bring another Windows-focussed technology called Control Flow Guard (CFG) that further reduces the scope of getting exploited by attackers.
If you have a Windows 10 system with CET-compatible CPU, you can check if Chrome is using the hardware-enforced protection through Windows Task Manager. It can be viewed by going to Details > Select Columns and enabling the Hardware-enforced Stack Protection option from the Task Manager application.
We dive into all things Apple — iPad Pro, iMac, Apple TV 4K, and AirTag — this week on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.
Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at [email protected] Please send in your leads and tips. More