Google: Most Chrome vulnerabilities are memory safety issues

Posted on Tuesday, May 26 2020 @ 13:35 CEST by Thomas De Maesschalck

Google engineers believe sandboxing and processes are no longer enough to keep a browser safe. They analyzed 912 high severity and critical security vulnerabilities that were discovered in Chrome since 2015, and concluded that about 70 percent of these bugs concerned memory safety issues.

With stronger sandboxing no longer advantageous and deploying additional processes off the table, Google said it must attack memory unsafety problems by “any and all means necessary.” This includes exploring custom C++ libraries and utilizing safer languages like JavaScript, Rust and Swift when applicable.

Interestingly, software from other vendors suffers from the same issue. Most vulnerabilities in Apple's iOS and macOS operating systems are memory safety issues, and Microsoft also found last summer than around 70 percent of its vulnerabilities are due to memory unsafety. More details at TechSpot.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!