Chrome New Security Feature Can Avoid Memory-Based Attacks in Windows 10

Google has announced a new security feature for its latest Chrome browser, named “Hardware-enforced Stack Protection.” This was first revealed by Microsoft last year, where it embedded this security support in its Tiger Lake processors. This feature, available from Chrome v90 onwards, aims to thwart malware attacks targeted at ongoing memory processes.

Google Chrome New Security Feature

After a year of official revelation from Microsoft, Google adopts the “Hardware-enforced Stack Protection” feature. This security support is embedded into Chrome v90 running on Windows 10 20H1 systems with the December or later updates.

Also, the system CPUs should be Intel 11th Gen or AMD Zen 3 ones, as they support Control-flow Enforcement Technology (CET). Microsoft also enables this security feature in its Chromium-based Edge browser, where it’s available in compatibility mode.

This security feature aims to prevent Return Oriented Programming (ROP) attacks, in which an attacker tries to inject malicious code into a legitimate application’s code while it is executing in memory. Because the process is legitimate, antivirus software often may not flag it as suspicious.

Thus, a CPU that supports Control-flow Enforcement Technology can prevent this type of attack. CET comes with the Shadow Stack, a replica of the return-address data on the call stack, kept isolated from regular memory operations so it cannot be tampered with. Intel explains its mechanism as follows:

When shadow stacks are enabled, the CALL instruction pushes the return address on both the data and shadow stack. The RET instruction pops the return address from both stacks and compares them. If the return addresses from the two stacks do not match, the processor signals a control protection exception (#CP).
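The CALL/RET behaviour Intel describes above, as an added simulation (not Chrome’s or Intel’s code): a tiny model CPU keeps a writable data stack and a separate shadow stack, CALL pushes the return address onto both, and RET compares the two pops and flags #CP instead of transferring control when they differ. The return-address values and the overwrite in the demo are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define STACK_DEPTH 16

/* Simulated machine state: a writable data stack (where an overflow could
 * land) and a separate shadow stack that ordinary stores cannot reach. */
typedef struct {
    uint64_t data_stack[STACK_DEPTH];   /* return addresses mixed with data */
    uint64_t shadow_stack[STACK_DEPTH]; /* return addresses only */
    int sp;                             /* data stack pointer */
    int ssp;                            /* shadow stack pointer */
    int cp_fault;                       /* set when #CP would be raised */
} cpu_t;

/* CALL: push the return address onto both the data and the shadow stack. */
void cpu_call(cpu_t *c, uint64_t return_address) {
    c->data_stack[c->sp++] = return_address;
    c->shadow_stack[c->ssp++] = return_address;
}

/* RET: pop both stacks and compare; on mismatch raise the control-protection
 * exception (#CP) rather than jumping to the tampered address. Returns the
 * verified return address, or 0 when #CP was raised. */
uint64_t cpu_ret(cpu_t *c) {
    uint64_t from_data = c->data_stack[--c->sp];
    uint64_t from_shadow = c->shadow_stack[--c->ssp];
    if (from_data != from_shadow) {
        c->cp_fault = 1;
        return 0; /* no control transfer */
    }
    return from_data;
}

/* Demo: one call/return, optionally with the data-stack slot overwritten (the
 * effect of a stack overflow). Returns 1 on a clean return, -1 on #CP. */
int shadow_stack_demo(int corrupt) {
    cpu_t c = {0};
    cpu_call(&c, 0x401000);                                     /* constructed */
    if (corrupt) c.data_stack[c.sp - 1] = 0x41414141;           /* constructed */
    uint64_t target = cpu_ret(&c);
    return c.cp_fault ? -1 : (int)(target == 0x401000);
}

int main(void) {
    printf("clean return: %d\n", shadow_stack_demo(0));   /* 1  */
    printf("tampered return: %d\n", shadow_stack_demo(1)); /* -1 */
    return 0;
}
```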

While this is significantly helpful in preventing memory-based malware attacks, Google says that enabling it can cause software loading problems in Chrome. Google has therefore published documentation for developers on debugging Chrome’s shadow stack problems, including how to check the process through Windows Task Manager.
