Google has introduced a new Windows 10 security feature called Hardware-enforced Stack Protection in its Chrome 90 browser to protect the memory stack against cyberattacks.Microsoft introduced Hardware-enforced Stack Protection in March 2020. The feature is designed to defend against Return-Oriented Programming (ROP) attacks. To do this, Hardware-enforced Stack Protection uses processor hardware to protect application code running in its memory.
Added in Chrome 90 on Windows 20H1 with December updates or later, and 11th Gen Intel and AMD Zen 3 processors with Control-flow Enforcement Technology (CET).
For several years, Intel and Microsoft have been working on CET technology to protect against ROP attacks that can bypass existing measures to prevent exploitation of memory for ransomware installations. CET is based on “shadow stacks” used specifically to control transfer operations. Shadow stacks are isolated from the data stack and are tamper-proof.
As the Chrome team warned, the “shadow stack” can cause problems with some software installed in the browser.
Google has also provided detailed information for developers who need to debug an issue in Chrome’s shadow stack. Developers can see which processes have Hardware-enforced Stack Protection enabled in Windows Task Manager.
Let me remind you that Researcher discovered that Chrome Sync function can be used to steal data.