Google puts Flash plugin in a more secure browser sandbox

The Flash Player plugin will no longer be the weakest link in Google's Chrome browser.

flash_sandbox_chrome
As proven by the CanSecWest Pwn2Own hacks, the Flash Player plugin that ships with Google Chrome is a major weak spot that has been targeted by attackers. 

Not anymore.

Google has quietly tweaked the browser to put Flash in the browser's more restrictive sandbox on all versions of Windows, making it significantly harder to exploit a Flash Player vulnerability to get full system access.

The fully sandboxed Flash was included in the Chrome 21 beta release, according to Google's Justin Schuh.

[ SEE: How Google set a trap for Pwn2Own exploit team ]

Earlier this month, Google introduced a "double security" sandbox concept for Chrome on Linux to offer improved security on the open-source operating system.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All