Microsoft Edge and Google Chrome is getting the support of Intel’s Control-flow Enforcement Technology to maintain their security and to prevent the vulnerabilities

Google Chrome and Microsoft Edge are not compromising their security at any cost and trying their best to prevent the wide range of malware, phishing sites, and vulnerabilities because, during the lockdown situation, the number of attacks has been increased a lot. Therefore, those people who are much conscious about their data would never use such browser which has a weak security feature. According to a report, about half population of America thinks that stealing data is more dangerous than being killed. Through the strong security feature of Intel, Google Chrome and Microsoft Edge will be able to reduce the number of attacks.

Intel first launched its security feature in the year 2016 and then launched its 11th generation CPUs in the year 2020. Control-flow Enforcement Technology (CET) is actually made to protect the users’ data against the attacks of Return Oriented Programming (ROP) and Jump Oriented Programming (JOP). These ROP and JOP types of attacks are dangerous and almost impossible to detect because it modifies the regular flow of an application to perform the malicious code. Further, the attacker users the existing code which is running from executable memory in an artistic way to change the nature of the program.

Intel has a history of working with the software community and strengthening the protection of browsers and operating system on modern computer systems. When these protection systems launched first, many attackers tried to find a creative way to bypass a browser’s Sandbox and implement remote code execution while browsing. These types of attacks need a strong security system to tackle these vulnerabilities. This CET is a strong security system that is able to prevent these attempts by generating exceptions when the natural flow is altered.

Microsoft Edge and Google Chrome are getting the support of intel’s CET through an execution named Hardware-enforced Stack Protection. The Windows application can only support this feature after being compiled with a flag, so a program may become noticeable as CET shadow Stack-compatible and selected in security protection. According to a report, Microsoft Edge 90 will get the security feature of Intel.

However, this security feature CET is not only made for Microsoft Edge, but it is made in such a way that it can be enabled on all Chromium-based browsers such as Google Chrome and Opera, etc. Mozilla Firefox is also considering this security feature to deal with vulnerabilities and phishing sites.

Intel CET will be used through a non-renderer process like browsers and extensions. The users of Window 10 running 11th generation CPUs and AMD Zen 3 Ryzen CPUs that have the support of CET can check the windows task manager and see if the process uses the hardware security feature by putting a checkmark in ‘’Hardware-enforced Stack Protection’’. When you make this enabled the column will show you which type of process supports CET. Google Chrome and Microsoft Edge 90 will get the CET support at the end of the first quarter of the year 2021.

H/T: Chromium.

Read next: Researchers at Google and Stanford analysed over a billion malicious emails to find out the reasons why and what makes the users of Gmail to get targeted the most

No comments:

Post a Comment