Google Zero Day has raised the issue of threat Chrome browser In a recent blogpost. According to data compiled by the Tech Giant Project Zero team, these attacks have increased since 2019.
Google says that with multilayer Site isolation Chrome, a single Bug “Almost never” is enough to do something really bad and attackers have to use multiple bugs to either compromise the renderer process or get into it. Chrome Inside the browser process or OS.
Site Isolation is a security feature of Chrome that provides an extra layer of protection against attacks by unscrupulous websites. It uses a browser’s sandbox to make suspicious websites more difficult to access or steal information from users’ accounts on other websites.
The site isolation process involves placing the pages of different websites in different processes, each running in a sandbox that limits what the process is allowed to do, making it harder for a malicious website to steal data from another website, Google explained.
Site isolation is, in Google’s own words, applied in the following ways:
“Cross-site documents are always placed in a different process, on the current tab, on a new tab, or on an iframe (e.g., embedding one web page inside another).
Cross-site data (such as HTML, XML, JSON, and PDF files) is not processed on a web page unless the server says it should be allowed (using CORS).
Security checks in the browser process can detect and eliminate a malicious renderer process (for the time being only on desktop platforms).
Google has advised all users to update their Chrome browser because already patched bugs can still be used by hackers to target older Chrome versions.
The technology giant says it is going to further strengthen site isolation, while maintaining it Android Add more security layers to the main focus, and to make the Chrome browser stronger Adding extra layers will make a single bug mostly ineffective and will require multiple, chained bugs to be able to do damage.