"This first iteration of Chrome's Flash Player sandbox for all Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," write Justin Schuh and Carlos Pizano, software engineers at Google, "This implementation is a significant first step in further reducing the potential attack surface of the browser and protecting users against common malware."Source: OS News
A lot of work still needs to be done, however, since this is only an initial release. "While we've laid a tremendous amount of groundwork in this initial sandbox, there's still more work to be done," the engineers add, "We're working to improve protection against additional attack vectors, and will be using this initial effort to provide fully sandboxed implementations of the Flash Player on all platforms."
Google Chrome puts Flash in a sandbox
Posted on Thursday, December 02 2010 @ 21:02 CET by Thomas De Maesschalck