Google Chrome adopts Microsoft and Intel's Hardware-enforced Stack Protection

Google has announced that they have adopted a new exploit protection scheme developed by Intel and Microsoft to protect their Chrome browser.

The feature uses Intel’s Intel’s Control-flow Enforcement Technology (CET), which keeps a shadow list of valid return addresses, and raises an exception when a process violates the list.

The technology,  which is implemented in Windows 10 as Hardware-enforced Stack Protection, prevents commonly used exploit techniques such as Return-Oriented Programming (ROP) and Jump Oriented Programming (JOP), which can be used to escape the browser sandbox and execute arbitrary code.

“With this mitigation the processor maintains a new, protected, stack of valid return addresses (a shadow stack),” said Chrome Platform Security Team Engineer Alex Gough. “This improves security by making exploits more difficult to write. However, it may affect stability if software that loads itself into Chrome is not compatible with the mitigation.”

The technology requires the latest processors, ie. Intel 11th Gen or AMD Zen 3 CPUs and Windows 10 2004 or later, and is currently implemented in Chrome 90.

The technology is partially implemented in the non-rendering processors in Edge 90, but will presumably come to the rest now Google has adopted it. It should also percolate to other Chromium-based browsers, and Mozilla has also undertaken to implement it.

via BleepingComputer