Google Chrome uses Windows 10's new security feature to combat exploits

Windows 10 supports Intel's Control-Flow Enforcement (CET) technology called Hardware-enforced Stack Protection.

Hardware-enforced Stack Protection uses the Intel CET chipset security extension to protect applications from popular vulnerability exploitation techniques such as Return-Oriented Programming (Return-Oriented Programming -). ROP) and Object-Oriented Programming (OOP).

An attacker bounty uses such computer security exploiting techniques to hijack the program's intended flow of control in order to execute malicious code through the browser. Windows 10's Hardware-enforced Stack Protection block these attacks when it detects that the natural flow of a modified application is detected.

Google Chrome is not the first Chromium-based web browser to support the Hardware-enforced Stack Protection feature. In February, Johnathan Norman, Microsoft Edge vulnerability research lead Microsoft Edge 90 added support for Intel CET functionality.

Google Chrome uses Windows 10's new security feature to combat exploits Picture 1

This security feature will most likely be applied to Chromium browsers other than Google Chrome and Microsoft Edge, including Brave and Opera. Furthermore, Mozilla is also considering supporting Intel CET for its Firefox web browser. However, no new information has been released since the company announced this a year ago.

Windows 10 users with a CET-compatible CPU (Intel 11th generation or AMD Zen 3 Ryzen) can check if the browser process is using this security feature using Task Manager.

Google Chrome uses Windows 10's new security feature to combat exploits Picture 2

To do that, open Task Manager, click on the Details tab and right-click on the column header, then check the Hardware-enforced Stack Protection option. Once enabled, a newly added column will show Intel CET-enabled processes.

Samuel Daniel

Update 09 May 2021