Chromium browsers support Intel CET security feature

0
45


Chromium-based browsers such as Google Chrome and Microsoft Edge will soon support the security feature. Intel CET to prevent a wide range of vulnerabilities.

Intel CET is a standard hardware security feature Submit it at the beginning In 2016 and added to 11th generation Intel CPUs in 2020.

CET is designed to protect programs from ROP and JOP attacks, which alter the normal flow of the application so that the attacker’s malicious code is executed instead.

AndHe said (Paige Patel) Baiju PatelFrom Microsoft: It can be difficult to detect or prevent JOP or ROP attacks because the attacker uses existing code operating from executable memory in an innovative way to alter the program’s behavior.

These vulnerabilities include attacks that bypass the browser sandbox or execute remote code while visiting websites. Intel’s hardware-based CET solution prevents these attempts by running exceptions when normal flow is modified.

Windows 10 supports the Intel Security feature through an implementation method called hardware-enforced protection.

AndHe said (Jonathan Norman), Vulnerability Research Leader, Microsoft Edge Browser: Version 90 of the browser supports Intel’s CET feature.

Microsoft Edge browser, which is based on Chromium, uses multiple processes to perform different tasks.

According to Norman, Intel CET is used by browser, GPU, and plugin operations.

This security feature does not appear to be specific to Microsoft’s browser, as it is coming to all Chromium browsers, including Chrome, Brave, and Opera.

The Mozilla Foundation is also looking to add Intel CET support in Firefox, but there has been no update on its implementation status.

Windows 10 users with Intel 11th generation processors or AMD Zen 3 Ryzen processors, which also support CET, can use the Windows Task Manager to check if the process is using hardware security.

The new versions of Google Chrome and Microsoft Edge are expected to be released on April 13, 2021.







LEAVE A REPLY

Please enter your comment!
Please enter your name here