Google Chrome has borrowed a handy Windows 10 security feature

Google Chrome
(Image credit: Shutterstock)
Audio player loading…

Google has added Hardware-enforced Stack Protection to the latest version of Chrome (opens in new tab) in an effort to make it more difficult for attackers to exploit security bugs in its browser.

This security feature, which is supported on Intel 11th Gen (opens in new tab) or AMD Zen 3 (opens in new tab) CPUs, is already enabled in Windows 10 (opens in new tab) as Microsoft has adopted Intel's Control-flow Enforcement Technology (CET) through an implementation known as Hardware-enforced Stack Protection.

Hardware-enforced Stack Protection leverages the Intel CET chipset security extension to secure Windows applications from Return-Oriented Programming (ROP), Jump Oriented Programming and other common exploit techniques. These techniques are often used by crybercriminals to take over a program's intended control flow and execute malicious code in order to escape a browser's sandbox or execute code remotely. On Windows 10, Hardware-enforced Stack Protection is able to block these kinds of attacks by triggering exceptions when an application's natural flow has been modified. 

In a new blog post (opens in new tab) announcing the addition of Hardware-enforced Stack Protection to Chrome, Chrome Platform Security Team engineer Alex Gough explained that this mitigation allows a processor to create a protected stack of valid return addresses or a shadow stack that helps improve security by making exploits more difficult for attackers to write.

Hardware-enforced Stack Protection

Although Google has now added Hardware-enforced Stack Protection to Chrome, it isn't the first Chromium-based browser to do so. With the release of the Canary build of version 90 of Microsoft Edge (opens in new tab) last month, the software giant added support for Intel CET to its browser for non-renderer processes. 

Now that two of the best browsers (opens in new tab) have added support for Hardware-enforced Stack Protection, it's likely that other Chromium-based browsers such as Brave and Opera will soon follow suit. At the same time though, Mozilla is also exploring adding support for Intel CET (opens in new tab) to Firefox though there haven't been any updates on its progress since the idea was first proposed last year. 

With many employees still working from home (opens in new tab) and cloud adoption continually increasing, more of our work is done from a web browser than ever before. For this reason, efforts by Google and Microsoft to secure their browsers even further will help keep workers safe from new exploits and attacks designed to be delivered remotely.

Via BleepingComputer (opens in new tab)

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.