Google has introduced a new Windows 10 security feature called Hardware-enforced Stack Protection in its Chrome 90 browser to protect the memory stack against cyberattacks.
Microsoft introduced Hardware-enforced Stack Protection in March 2020. The feature is designed to defend against Return-Oriented Programming (ROP) attacks. To do this, Hardware-enforced Stack Protection uses processor hardware to protect an application's code while it runs in memory.
The feature was added in Chrome 90 and works on Windows 20H1 with the December updates or later, on 11th Gen Intel and AMD Zen 3 processors with Control-flow Enforcement Technology (CET).
For several years, Intel and Microsoft have been working on CET to protect against ROP attacks, which can bypass existing memory-exploitation mitigations in order to install ransomware. CET is based on “shadow stacks”, which are used specifically for control transfer operations. Shadow stacks are isolated from the data stack and are tamper-proof.
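The shadow-stack check described above can be modeled in a few lines of C. This is an added example, not code from Google, Microsoft or Intel; the `cpu` structure, function names and addresses are constructed for illustration, and on real CET hardware the processor itself performs the comparison and raises a control-protection exception on a mismatch.

```c
#include <stdint.h>
#include <stdio.h>

#define DEPTH 16
enum ret_status { RET_OK, RET_CP_FAULT, RET_UNDERFLOW };

/* Toy machine (constructed): a writable data stack plus a shadow stack
   that only cpu_call/cpu_ret can touch. Locals are left out. */
struct cpu { uint64_t data[DEPTH], shadow[DEPTH]; size_t dsp, ssp; };

/* CALL: the return address is pushed onto both stacks. */
int cpu_call(struct cpu *c, uint64_t ret_addr) {
    if (c->dsp == DEPTH || c->ssp == DEPTH) return -1;
    c->data[c->dsp++] = ret_addr;
    c->shadow[c->ssp++] = ret_addr;
    return 0;
}

/* Ordinary store (such as an overflowing write): data stack only. */
int cpu_store(struct cpu *c, size_t slot, uint64_t value) {
    if (slot >= c->dsp) return -1;
    c->data[slot] = value;
    return 0;
}

/* RET: pop both copies; a mismatch is a control-protection fault. */
enum ret_status cpu_ret(struct cpu *c, uint64_t *target) {
    if (c->dsp == 0 || c->ssp == 0) return RET_UNDERFLOW;
    uint64_t from_data = c->data[--c->dsp];
    uint64_t from_shadow = c->shadow[--c->ssp];
    if (from_data != from_shadow) return RET_CP_FAULT;
    *target = from_data;
    return RET_OK;
}

/* Two nested calls; optionally overwrite one saved return address
   (corrupt_slot < 0: none). Returns how many returns completed. */
int returns_completed(int corrupt_slot) {
    struct cpu c = {0};
    uint64_t target = 0;
    int done = 0;
    cpu_call(&c, 0x401000);            /* constructed addresses */
    cpu_call(&c, 0x401040);
    if (corrupt_slot >= 0) cpu_store(&c, (size_t)corrupt_slot, 0x41414141);
    while (cpu_ret(&c, &target) == RET_OK) done++;
    return done;
}

int main(void) {
    printf("%d %d %d\n", returns_completed(-1), returns_completed(1), returns_completed(0));
    return 0;
}
```

The overwritten return address is never used as a jump target: execution stops at the first return whose data-stack copy no longer matches the shadow copy.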
As the Chrome team warned, the “shadow stack” can cause problems with some software installed in the browser.
Google has also provided detailed information for developers who need to debug an issue in Chrome’s shadow stack. Developers can see which processes have Hardware-enforced Stack Protection enabled in Windows Task Manager.
Let me remind you that a researcher discovered that the Chrome Sync function can be used to steal data.