Chrome to Block Apps from Injecting into Its Processes

Google’s Chrome web browser will soon prevent third-party software from injecting code into its processes.
网络安全法宣传片 002 国家网络安全的现状与重要性概述
The search giant announced that the change is planned for Chrome 68 for Windows, which is currently on track to be released in July 2018. Before the switch, however, Chrome 66 will start warning users when other software is injecting code into one of its processes.
Around two thirds of Chrome users on Windows have other applications that interact with the browser, such as accessibility or antivirus software. While some of the software needed to inject code in Chrome to ensure proper functionality, this could lead to unexpected crashes.
“Users with software that injects code into Windows Chrome are 15% more likely to experience crashes,” Chris Hamilton of the Chrome Stability Team explains. 
Hamilton also points out that Chrome extensions and Native Messaging provide new, modern alternatives to running code inside of Chrome processes.
This is why Chrome 68 will start blocking third-party software from injecting code into Chrome on Windows. Before that, however, Chrome 66 will start displaying a warning after a crash, informing users on other software injecting code into the browser.
The browser will also guide users into how to update or remove the third-party software responsible for the crash.
In July 2018, Chrome 68 will start blocking code injections only if the blocking won’t prevent the browser from starting. If it will, Chrome will restart and allow the injection, while also warning the users on the matter and providing guidance into removing the troubling software.
Starting in January 2019, when Chrome 72 is set to be released in the stable channel, the browser will always block code injection.
“While most software that injects code into Chrome will be affected by these changes, there are some exceptions. Microsoft-signed code, accessibility software, and IME software will not be affected,” Hamilton says.
Related: Chrome 62 Update Patches Serious Vulnerabilities

Related: Google to Remove Support for PKP in Chrome
Related: Google Patches High Risk Flaws in Chrome
信息安全的重要性在政府部门,学术机构和工业领域的重要性更加突出。但不幸的是,世界范围内信息泄露的事情时有发生。去年出于某种原因英国就遭遇了几次数据泄露的事故。
真正有效的内部安全系统的特点在于,能够最大程度地披露信息,并承认只有当可信度能够维持时,机密才能够被最好的保存。

猜您喜欢

市社会福利院组织安全消防知识岗前培训
网络钓鱼攻击的演变历史及趋势
Security-Frontline-安全前线
宁波新一期中青班毕业啦 50位学员个个感慨收获满满
NEEDTOMEET KAHOOTSFEEDANDPET
亟需规范的数据恢复行业