Terms and conditions apply
Share
Copy
Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection.
This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.
Released in April, Chrome 90 supports Intel’s Control-flow Enforcement Technology (CET) [PDF], a processor-based defense against exploits that use something like Return Oriented Programming (ROP) to violate a program's control-flow integrity (CFI).
ROP is a code-reuse attack. It involves bouncing the CPU core between snippets of instructions in an application to form a malicious program. Think of it like cutting letters or words out of a newspaper to spell out a ransom note. You stitch together different parts of the software under attack to do things like disable security measures, or open a backdoor, or spawn some other malware.