Google to sandbox Flash in Chrome
Google is working on sandboxing Adobe’s Flash Player to better protect users of the Chrome browser.
Adobe’s products have come under fire as “easy pickings” for online attackers, and the company has already sandboxed its own Reader software.
The Chrome Flash sandbox has now been released on the developers channel for users of Windows XP, Vista and 7. It uses the same system as Chrome’s current sandbox tech, which blocks applications from accessing “sensitive resources,” said software engineers Justin Schuh and Carlos Pizano, in a post on the Google Chrome blog.
Now, that system is being extended to the third-party app. “This implementation is a significant first step in further reducing the potential attack surface of the browser and protecting users against common malware,” they added.
“In particular, users of Windows XP will see a major security benefit, as Chrome is currently the only browser on the XP platform that runs Flash Player in a sandbox.”
Google said its developers were working on ways to use the system to protect against more types of attacks, and would eventually roll out the sandbox for Flash on other platforms.