"Most Chrome Security Bugs Rooted in Faulty Memory Code"

Google researchers found that nearly three-quarters of all security bugs contained by the Chrome web browser derive from problems with memory coding. According to the researchers, the current methods of sandboxing and site isolation used to prevent memory management vulnerabilities are not enough to defend against future attacks. The main factor behind this problem is Chrome's dependence on C and C++ programming languages, which were not designed with much consideration for security. Most of Chrome's competitors, including Microsoft Edge, Brave, and Opera, face the same problem as they also rely on C programming. MacOS and iOS are also vulnerable to security bugs stemming from memory safety. To address this problem, Google will explore customized C++ libraries and consider switching to the Rust programming language or other safer coding languages such as Java, Javascript, Swift, and more.  Google researchers have also listed several vulnerabilities that could lead to computer failure or the performance of malicious activities. These vulnerabilities include buffer overflow, race condition, and wild pointers. This article continues to discuss the root of most Chrome web browser security bugs, the inadequacy of current protective measures, plans to address these issues, and other vulnerabilities highlighted by Google.

TechXplore reports "Most Chrome Security Bugs Rooted in Faulty Memory Code"

 

Submitted by Anonymous on