A naukri.com initiative
TechSpot
1M
327
Image Credit: TechSpot
Google Chrome 127 introduces application-bound encryption on Windows
- Google Chrome 127 now introduces application-bound encryption on Windows to improve the security of Chrome cookies against infostealer malware.
- Chrome currently protects data like cookies and passwords using the strongest techniques provided by the OS.
- However, Chrome on Windows uses the Data Protection API (DPAPI), which doesn't protect against malicious applications that execute code as logged in user.
- To deal with this issue, Chrome has introduced App-Bound Encryption on Windows.
- The new technique encrypts data tied to the app's identity, improving security against attacks from infostealers that try to access sensitive data.
- The App-Bound Encryption service encodes app identity into encrypted data while encrypting, which is verified during decryption by the App-Bound service.
- App-Bound Encryption increases the cost of data theft to attackers and makes their actions noisier on the system.
- As Chrome's malware landscape continually evolves, it aims to continue engaging with others in the security community to improve detections, along with strengthening operating system protections.
- The Stable channel has been updated to 127.0.6533.88/89 for Windows and Mac and 127.0.6533.88 for Linux.
- The update includes three security fixes. As usual, bug details and links may be restricted until a majority of users receive the fix.
Read Full Article
19 Likes
For uninterrupted reading, download the app