Microsoft 10 Update Responsible for Google Chrome Security Flaw
You’ve heard it a million times – “Windows 7 end of life is here, it’s time to update to Windows 10.” But what happens when a Windows 10 update causes a problem with multiple Chromium-based web browsers?
Google revealed that Microsoft broke an important security feature in their popular web browser, Chrome, and has also affected other web browsers. The Windows 10 1903 update affected the Chromium sandbox, which is a security feature that allows users to run apps in a virtual environment that is separate from your operating system. The Chromium sandbox is a very useful tool because, if the download you are running in the sandbox has a malicious code, it won’t have the ability to infect your operating system.
Microsoft included a “security feature bypass vulnerability,” which means a malicious user could exploit the vulnerability. This would ultimately lead to the threat escaping the Chromium sandbox and running a code that would affect the host PC, which is the complete opposite of what the sandbox is intended for.
After Microsoft was alerted of the problem, they issued a patch to fix it. However, it’s a little unsettling that Chrome is so reliant on Microsoft 10 to stay secure, especially since it was just a single line of misplaced code that broke through Chrome’s security. Will users be tempted to quit Windows 10? Or be forced to choose between Google Chrome and Windows 10? It comes down to which one users are more loyal to, their operating system or their browser. Either way, here’s to hoping that Microsoft makes some big changes to Windows 10 updates.
Categorised in: IT Threat