Google has touted Site Isolation in Chrome 77 on desktop as capable of defending against significantly stronger attacks; even in scenario where the renderer process is compromised, such as Universal Cross-Site Scripting (UXSS) logic errors.
The security mechanism initially targeted Spectre-like attacks which leads to data leaks from given renderer process, but starting with Chrome 77, Site Isolation will be able to handle severe attacks whereby the renderer process is completely compromised through security bugs, such as bugs related to memory corruption or UXSS logic errors.
What this means is that Google has extended the advanced defensive technology to protect against such attacks as exploiting vulnerabilities in the browser's rendering engine, Blink.
The site isolation works by limiting Blink rendering engine process to pages from a single website, thus effectively isolating a rendered page from other sites. And as malicious websites try to exploit a vulnerability, the attack site would be denied access, so the hackers won't be able to access users' data, such as corporate information.
Albeit, a bug might allow an attacker to run arbitrary native code within the sandboxed renderer process, given that an attacker exploited a known memory corruption bug in Chrome's rendering engine, and it can no longer be constrained by the security checks in Blink.
But, Chrome's browser process understands what website the renderer is processing at a time, so it will restrict cookies, passwords, and other site data from the entire process, making it far more difficult for attackers to steal cross-site data.
Also, the Android version of Chrome 77 sports the site isolation technology, which on previous versions wasn't enabled, but only for desktop. And for the desktop platforms, isolation is turned on for all sites, while for Chrome on Android isolation happens per site basis, and only active for websites that process sensitive data.
The feature starts with Chrome 77 for Android, and is enabled for about 99% of users running Android devices with a RAM of at least 2GB, and a 1% holdback for monitoring performance.
No comments