Earlier this year Google integrated Adobe's Flash plug-in into Chrome and now the company takes it one step further by moving Flash into a sandbox to increase stability and thwart off attacks. The feature is available in the latest Chrome developer build, but it may still take a while until it arrives in the regular version of Chrome.
"This first iteration of Chrome's Flash Player sandbox for all Windows platforms uses a modified version of Chrome's existing sandbox technology that protects certain sensitive resources from being accessed by malicious code, while allowing applications to use less sensitive ones," write Justin Schuh and Carlos Pizano, software engineers at Google, "This implementation is a significant first step in further reducing the potential attack surface of the browser and protecting users against common malware."
A lot of work still needs to be done, however, since this is only an initial release. "While we've laid a tremendous amount of groundwork in this initial sandbox, there's still more work to be done," the engineers add, "We're working to improve protection against additional attack vectors, and will be using this initial effort to provide fully sandboxed implementations of the Flash Player on all platforms."