Secure Google Chrome Against Meltdown and Spectre Vulnerabilities

As you may already know, all Intel CPUs released during the past decade are affected by a serious issue. A specially malformed code can be used to steal the private data of any other process, including sensitive data like passwords, security keys and so on. Even a browser with JavaScript enabled can be used as an attack vector. If you are a Google Chrome/Chromium user, you can do the following.


If you are not aware about the Meltdown and Spectre vulnerabilities, we have covered them in detail in these two articles:

In short, both Meltdown and Spectre vulnerabilities allow a process to read the private data of any other process, even from outside a virtual machine. This is possible due to Intel's implementation of how their CPUs prefetch data. This cannot be fixed by patching the OS only. The fix involves updating the OS kernel, as well as a CPU microcode update and possibly even a UEFI/BIOS/firmware update for some devices, to fully mitigate the exploits.

The attack can be performed with only JavaScript too using a browser.

Today, a new version of Google Chrome is out. Chrome 63.0.3239.132 comes with a number of security fixes, but it does not include any special fix for Meltdown and Spectre Vulnerabilities. You can enable Full Site Isolation manually for protection against the mentioned vulnerabilities.

What is Full Site Isolation

Site Isolation is a security feature in Chrome that offers additional protection against some types of security bugs. It makes it harder for untrusted websites to access or steal information from your accounts on other websites.

Websites typically cannot access each other's data inside the browser, thanks to code that enforces the Same Origin Policy. Occasionally, security bugs are found in this code and malicious websites may try to bypass these rules to attack other websites. The Chrome team aims to fix such bugs as quickly as possible.

Site Isolation offers a second line of defense to make such vulnerabilities less likely to succeed. It ensures that pages from different websites are always put into different processes, each running in a sandbox that limits what the process is allowed to do. It also blocks the process from receiving certain types of sensitive documents from other sites. As a result, a malicious website will find it more difficult to steal data from other sites, even if it can break some of the rules in its own process.

Full Site Isolation will be enabled by default in Google Chrome 64.

In the current release of Google Chrome, you can enable Full Site Isolation manually. This will add extra protection against the Meltdown and Spectre vulnerabilities.

Secure Google Chrome Against Meltdown and Spectre vulnerabilities

  1. Open Google Chrome.
  2. Type chrome://flags/#enable-site-per-process in the address bar.
  3. Enable the flag "Strict site isolation" using the button next to the flag description.Secure Chrome Against Meltdown And Spectre

Note that enabling Full Site Isolation will increase memory usage - Google states it can be 10%-20% more than usual. Administrators can choose to turn on Chrome's Site Isolation for all sites or select a list of websites to run in their own rendering process.

It is worth mentioning that Firefox is using a different protection mechanism. If you are a Firefox user, please refer to the following article:

Firefox 57.0.4 released with Meltdown and Spectre attack workaround

That's it.

3 thoughts on “Secure Google Chrome Against Meltdown and Spectre Vulnerabilities

  1. Shyam Reddy

    Hi Sergey, is this must even after Windows 10 is patched?

    Reply
    1. Shyam Reddy

      Hi Sergey, please ignore my question. I guess I didnot read the article well enough. :)

      Reply
  2. Phil

    can you add this for Meltdown and Spectre Vulnerabilities please?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *