Chrome now uses new chip-level defenses from AMD and Intel

Posted on Thursday, May 06 2021 @ 10:56 CEST by Thomas De Maesschalck
The Register highlights the inclusion of a new hardware-assisted exploit mitigation in version 90 of Google's Chrome browser. It makes it harder for an attacker who has found a memory-corruption bug in Chrome to turn it into code execution on your PC. The feature is Windows-only and requires a recent processor with Control-flow Enforcement Technology (CET) support, which at the time of writing means Intel's Tiger Lake chips or AMD's Zen 3-based processors.

CET is a hardware-level protection that defends against attackers who use Return Oriented Programming (ROP) to violate a program's control-flow integrity (CFI). According to Chrome security engineer Alex Gough, the technology is promising because it makes it harder to get past the defenses that Chrome's multi-process architecture provides.
CET's defense against ROP is the shadow stack: a second stack, maintained by the processor and protected from ordinary memory writes, that records only the return addresses pushed by call instructions. The main stack still holds return addresses alongside local variables and buffers, so an overflow can overwrite a saved return address there. When the function returns, the processor compares the return address popped from the main stack with the copy on the shadow stack; if they differ, it raises a control-protection fault and the operating system terminates the process before the hijacked return can execute.

"On supported hardware, call instructions push the return address on both stacks and return instructions compare the values and issue a CPU exception if there is a return address mismatch," explained Jin Lin, program manager for Microsoft Azure and Windows Kernel, in a note in February.
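The call/return bookkeeping described above, as an added software model written for this page (it is not Chrome, Windows or Intel code): a 16-slot data stack that holds both locals and return addresses, a separate shadow stack that holds return addresses only, and two variants of RET. The slot layout, the buffer size and the addresses CALLER_RETURN and ROP_GADGET are invented for the model. Three scenarios run the same call: in-bounds input, an overflow that overwrites the saved return address on a CPU without a shadow stack, and the same overflow with the shadow-stack comparison in place.

```c
/* Software model of a CET shadow stack. Added illustration only: not Chrome,
 * Windows or CPU code. Slot layout and all addresses are invented for the model. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SLOTS 16

typedef struct {
    uintptr_t data[SLOTS];    /* ordinary stack: locals and return addresses, grows down */
    size_t    sp;
    uintptr_t shadow[SLOTS];  /* shadow stack: return addresses only; ordinary stores never touch it */
    size_t    ssp;
    int       cp_fault;       /* set when the modelled control-protection fault (#CP) fires */
} cpu_t;

static void cpu_init(cpu_t *c) {
    memset(c, 0, sizeof *c);
    c->sp = SLOTS;
    c->ssp = SLOTS;
}

/* CALL: the return address is pushed on both stacks. */
static void cpu_call(cpu_t *c, uintptr_t ret_addr) {
    c->data[--c->sp]    = ret_addr;
    c->shadow[--c->ssp] = ret_addr;
}

/* Callee prologue/epilogue: locals live on the data stack only. */
static void cpu_alloc_locals(cpu_t *c, size_t n) { c->sp -= n; }
static void cpu_free_locals(cpu_t *c, size_t n)  { c->sp += n; }

/* An unchecked copy into a local buffer that starts at sp. With len larger than
 * the buffer it runs upward into the saved return address: a classic overflow. */
static void cpu_copy_in(cpu_t *c, const uintptr_t *src, size_t len) {
    for (size_t i = 0; i < len; i++)
        c->data[c->sp + i] = src[i];
}

/* RET without CET: trusts whatever is on the data stack; the shadow stack is not consulted. */
static uintptr_t cpu_ret_legacy(cpu_t *c) {
    return c->data[c->sp++];
}

/* RET with CET: pop both stacks and compare. On hardware a mismatch raises #CP
 * and Windows terminates the process; the model records the fault instead. */
static uintptr_t cpu_ret_cet(cpu_t *c) {
    uintptr_t from_data   = c->data[c->sp++];
    uintptr_t from_shadow = c->shadow[c->ssp++];
    if (from_data != from_shadow)
        c->cp_fault = 1;
    return from_shadow;
}

#define CALLER_RETURN 0x00401234u   /* hypothetical legitimate return site */
#define ROP_GADGET    0x7ffdead0u   /* hypothetical gadget address the attacker wants */
#define BUF_WORDS     4             /* the callee's local buffer is four words */

/* Run one call that copies 'len' words of payload into the buffer, then return. */
static uintptr_t run_call(cpu_t *c, const uintptr_t *payload, size_t len, int cet) {
    cpu_call(c, CALLER_RETURN);
    cpu_alloc_locals(c, BUF_WORDS);
    cpu_copy_in(c, payload, len);
    cpu_free_locals(c, BUF_WORDS);
    return cet ? cpu_ret_cet(c) : cpu_ret_legacy(c);
}

/* In-bounds input: returns 1 if control goes back to the caller with no fault. */
int scenario_benign(void) {
    cpu_t c; cpu_init(&c);
    const uintptr_t payload[BUF_WORDS] = { 0x41, 0x42, 0x43, 0x44 };
    uintptr_t target = run_call(&c, payload, BUF_WORDS, 1);
    return !c.cp_fault && target == CALLER_RETURN;
}

/* Overflow with no shadow stack: returns 1 if the CPU would jump to the gadget. */
int scenario_rop_legacy(void) {
    cpu_t c; cpu_init(&c);
    const uintptr_t payload[BUF_WORDS + 1] = { 0x41, 0x41, 0x41, 0x41, ROP_GADGET };
    return run_call(&c, payload, BUF_WORDS + 1, 0) == ROP_GADGET;
}

/* Same overflow with CET: returns 1 if the mismatch is caught before the gadget runs. */
int scenario_rop_caught(void) {
    cpu_t c; cpu_init(&c);
    const uintptr_t payload[BUF_WORDS + 1] = { 0x41, 0x41, 0x41, 0x41, ROP_GADGET };
    uintptr_t target = run_call(&c, payload, BUF_WORDS + 1, 1);
    return c.cp_fault && target != ROP_GADGET;
}
```

The model also shows the boundary of the defense: the shadow stack only ever checks return addresses, so it catches the overwritten return slot but says nothing about a function pointer or vtable entry corrupted in the same buffer overflow, which is why it is a ROP mitigation rather than a complete CFI scheme.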
CET does have limitations. The Register's article describes some of them and points out that Chrome's CET implementation could cause problems with third-party software that injects itself into Chrome's processes: code that is not CET-compatible, for example because it rewrites return addresses on the stack as part of its hooking, will trip the shadow-stack check and take the process down with it. On a CET-capable machine running a Windows build that supports the feature, you can see which processes have it active by adding the "Hardware-enforced Stack Protection" column on the Details tab of Task Manager.
