Search

Google Chrome 67 Gets Site Isolation Feature to Mitigate Spectre Vulnerability

Advertisement
Highlights
  • Chrome 67 has enabled security feature Site Isolation
  • It is designed to limit the scope of Spectre vulnerability
  • Chrome 68 for Android will also get the same feature
Google Chrome 67 Gets Site Isolation Feature to Mitigate Spectre Vulnerability

Chrome 67 has been given security feature called Site Isolation on Windows, macOS, Linux, and Chrome OS to limit the scope of Spectre vulnerability that was disclosed earlier this year. The new feature, as its name suggests, isolates the browser from render content of each website opened in the latest Chrome browser and use a dedicated process for every single site to restrict the sharing of processes between multiple sites. Google believes that as a result of the latest development, Chrome can rely on the operating system to prevent attacks between processes and sites. There are plans to expand Site Isolation beyond Spectre attacks and help protect users from attacks that emerge from fully compromised renderer processes. However, the initial experience is targeted to protect users from Spectre attackers that are considered as a set of speculative execution side-channel attacks.

To recall, Chrome 67 was released back in May. Google says that while Chrome was already using a multi-process architecture to enable different tabs to use different renderer processes, there was a possibility that a malicious webpage could share a process with the active webpage to compromise user data. This loophole has ultimately been addressed with Site Isolation that puts all cross-site iframes into a different process than their parent frame and split a single page across multiple processes. "When Site Isolation is enabled, each renderer process contains documents from at most one site," explains Google's Software Engineer Charlie Reis in a blog post. "This means all navigations to cross-site documents cause a tab to switch processes. It also means all cross-site iframes are put into a different process than their parent frame, using 'out-of-process iframes.'"

With the arrival of Site Isolation, Chrome browser no longer loads data to other websites in the same process of the site opened on an active tab. This limits an attacker to obtain user data using malicious JavaScript code. Further, the latest security feature includes Cross-Origin Read Blocking (CORB) that is designed to transparently block cross-site HTML, XML, and JSON responses from the renderer process, without largely impacting compatibility.p

"Site Isolation is a significant change to Chrome's behavior under the hood, but it generally shouldn't cause visible changes for most users or Web developers (beyond a few known issues). It simply offers more protection between websites behind the scenes," says Reis.

Although Site Isolation could be a saviour if a malicious site is set to steal your data, it does put some load on Chrome by creating more renderer processes. Nevertheless, Google claims that each renderer process "is smaller, shorter-lived, and has less contention internally." The Chrome team is also in plans to optimise the initial behaviour of the feature to make the experience faster.

Google has enabled Site Isolation for as much as 99 percent of users on Windows, macOS, Linux, and Chrome OS, however, a one percent user base hasn't been considered to monitor and improve performance. Also, there are plans to extend Site Isolation coverage to Chrome for Android as well. Experimental enterprise policies for enabling Site Isolation will be available in Chrome 68 for Android, and it can be enabled manually on Android using chrome://flags/#enable-site-per-process, the engineer said in the blog post.

Moreover, Google is working on additional security checks in the browser process to bolster Site Isolation to counter attacks from fully compromised renderer processes. The search giant is also collaborating with other major browser vendors to help them defend against Spectre attacks.

It is worth pointing out that Site Isolation was previously available as an experimental enterprise policy in Chrome 63 and later versions. The limited availability enabled Google to resolve several known issues ahead of its public arrival on Chrome 67.

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Chrome 67, Google, Site Isolation
 
Show Full Article
Please wait...
Advertisement

Related Stories

Popular Mobile Brands
  1. OTT Releases This Week: Jewel Thief, Viduthalai Part 2, and More
  2. IPL 2025 Live Streaming for Free: How to Watch CSK vs RCB IPL Match Online?
  3. OnePlus 12R, Nord 4 and Pad 2 Receiving New OxygenOS 15 Update in India
  4. Realme 14 Pro+ Review: Plenty of Refinements
  5. Realme 14 5G With Snapdragon 6 Gen 4 SoC, 6,000mAh Battery Launched
  6. Vivo X200 Ultra Teased to Get Dedicated Camera Control Button
  7. OnePlus President Hints at New Compact Phone; OnePlus 13T Design Leaked
  8. Ghibli Tokens Ignite Memecoin Frenzy Amid Anime AI Art Boom
  9. Vivo X200 Ultra Teased to Get Two Imaging Chips; Camera Samples Revealed
  10. iQOO Z10 Price in India, Chipset Details Teased Ahead of Launch
  1. Krafton Acquires Controlling Stake in Real Cricket Developer Nautilus Mobile for Rs. 118 Crore
  2. UAE Plans to Launch Digital Dirham CBDC, Integrated Wallet in Q4 2025
  3. CMF by Nothing Hints at New Products With Pokemon Teasers; CMF Phone 2 Could Launch Soon
  4. Google NotebookLM Upgraded With Mind Maps Feature and Output Language Selector
  5. Ghibli-Themed Tokens Spark Memecoin Frenzy Amid Surge in Anime AI Art Trend on Social Media
  6. Prince of Persia: The Lost Crown to Release on Android, iOS Platforms on April 14
  7. Apple's Foldable iPhone to Sport Display With Same Aspect Ratio as iPad Models, Tipster Claims
  8. Light Phone 3 With OLED Display, 1,800mAh Battery and Minimalist Design Launched: Price, Specifications
  9. Instagram Adopts Popular TikTok Feature, Adds 2X Playback Speed Option for Reels
  10. Anthropic Researchers Make Major Breakthrough In Understanding How an AI Model Thinks
Gadgets 360 is available in
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »