It is not a good week for Windows 10. There is practically no update in which something does not break. But this week, the Redmond system takes the cake both for the blue screens and for finding a code line in Windows 10 that fails the security on google chrome.
As we say, the latest Windows 10 update is giving some problems. First, some computers were affected by a glitch causing a performance loss, but soon after, we learned of the resurgence of the blue screens of death (the server has suffered two this week, by the way).
The discovery goes a little further. And it is an investigator of the Zero project of Google (the ones in charge of Google to investigate security breaches in programs, hardware, and operating systems) has discovered that a line of code broke the security of Google Chrome.
And it’s not new: it was introduced in the May 2019 update.
Which do you prefer, Windows 10 or Google Chrome? If we had known about this vulnerability last year, many users would have asked themselves that question.
And it is that, as researcher James Forshaw from Project Zero has described in a recent blog (via Forbes), “You will not believe what a single code change can do to Chrome Sandbox.“ A slight change to the Windows 10 code In its 1903 update broke Google Chrome’s security.
Windows 10 1903 was the May update to the operating system that introduced several significant changes. In April / May, the first major annual update of Windows 10 is usually made (Microsoft is already preparing this year’s). And in the last year, new features were introduced that were well-received by users.
However, a line of code was also changed that allowed Google Chrome to hack due to Windows 10 directly. This failure allowed a cybercriminal to bypass the Chrome sandbox. So he would control the system and access the data stored there.
Sandbox mode is quite common in programs and operating systems (Windows 10 introduced it last year, in fact). It is a protection that isolates specific applications so that, if something fails, it does not affect the rest of the system, as it is entirely isolated.
The problem is that, in this case, the operating system allowed forced entry into Chrome. Breaking that protection and leaving the software vulnerable. As Forshaw details, the Google Chrome sandbox is one of the best protections without requiring additional security. Still, all this is useless if there is a failure in Windows since Chrome depends on the Microsoft system, and Google has no voice. I don’t vote when you change certain things in Windows 10 code.
The good news is that, almost a year later, Forshaw found the flaw by warning Microsoft. The Redmond people acted by changing that line to make Chrome somewhat more secure. But we have lived with that flaw for a year without knowing it.
Now, why are there so many errors in Windows 10? The answer is simple, and, as we told you a while ago, the code has many lines. It weighed a lot and was built based on generations ago. So it is tough to add something without breaking a previous function.
Sometimes it is minor nonsense; sometimes, it is a glitch causing a passing blue screen. And other times, it opens the door for hackers.
How Python Integration can be Beneficial or will compile be good!