With stronger sandboxing no longer advantageous and deploying additional processes off the table, Google said it must attack memory unsafety problems by “any and all means necessary.” This includes exploring custom C++ libraries and utilizing safer languages like JavaScript, Rust and Swift when applicable.Interestingly, software from other vendors suffers from the same issue. Most vulnerabilities in Apple's iOS and macOS operating systems are memory safety issues, and Microsoft also found last summer than around 70 percent of its vulnerabilities are due to memory unsafety. More details at TechSpot.
Google: Most Chrome vulnerabilities are memory safety issues
Posted on Tuesday, May 26 2020 @ 13:35 CEST by Thomas De Maesschalck