Originally published at https://antonmcclure.com
Microsoft has been making the news a lot for Windows Update issues. Google has recently revealed that an update to Windows 10 1903 broke an essential security feature in Google Chrome.
The update introduced what Microsoft terms a security feature bypass vulnerability: an attacker can make an application run code at a different integrity level than the one assigned to it, and so escape the sandbox environment that Chrome runs in – the opposite of the sandbox’s purpose.
Google’s Project Zero team published a very detailed and technical write-up of the issues the update caused, and I suggest you give it a read if interested. Google’s team wrote that “the sandbox works on the concept of least privilege by using Restricted Tokens.” Because the latest Windows 10 update broke those token relationships, it puts PCs at risk.
Google Chrome alone is already the most widely used web browser, and the issue extends to every Chromium-based browser, including the new Chromium-based Microsoft Edge, which has embarrassingly also been affected.
The execution chain used by the Project Zero team involves almost 20 steps before the sandboxed process escapes from the sandbox.
This issue is bad for Google and especially bad for Microsoft. Something must have gone wrong in an update if it can unintentionally break security features in a third-party program, especially one as popular as Google’s Chrome and Chromium browsers.
Microsoft reportedly fixed the issue under CVE-2020-0981: Windows Token Security Feature Bypass Vulnerability, and the fix is downloadable from the Microsoft Update Catalog.
Updates will follow as more information becomes available from Microsoft, Google, or third parties regarding these security issues.