Google builds stronger Flash sandbox in Chrome

The security upgrade is now available in the Windows version of Chrome; a Mac OS X version is forthcoming

Google today announced it had wrapped up work on a stronger Flash sandbox in the Windows version of Chrome, and would soon ship the same for its OS X browser.

Chrome 21, which launched July 31, completed efforts to ditch the aged NPAPI (Netscape Plugin Application Programming Interface) Flash plug-in for one built to Google's own PPAPI (Pepper Plugin Application Programming Interface) standard.

[ Security expert Roger A. Grimes offers a guided tour of the latest threats and explains what you can do to stop them in "Fight Today's Malware," InfoWorld's Shop Talk video. | Keep up with key security issues with InfoWorld's Security Adviser blog and Security Central newsletter. ]

By porting Flash Player to PPAPI, Google's engineers were able to stuff the Adobe plug-in into a "sandbox" as robust as the one that protects Chrome itself.

"Windows Flash is now inside a sandbox that's as strong as Chrome's native sandbox, and dramatically more robust than anything else available," Justin Schuh, a Chrome engineer, in a post to the Chromium blog Wednesday.

A sandbox is an anti-exploit technology that isolates processes on the computer, preventing or at least hindering malware from letting hackers exploit an unpatched vulnerability, escalate privileges and push their attack code onto the machine.

Chrome was the first to sandbox Flash Player: Google shipped a "stable" build of the browser in March 2011 with a Windows sandbox for Flash. In May 2012, Adobe issued a sandboxed Flash plug-in for Mozilla's Firefox, although the open-source browser maker has struggled to diagnose a higher-than-usual number of Flash crashes since then.

Previously Chrome's Flash sandbox was only available on Windows Vista and Windows 7, but with Chrome 21 and the move to PPAPI, Google was able to extend coverage to Windows XP.

"[That's] critical given the absence of OS support for security features like ASLR and integrity levels [in Windows XP]," Schuh said.

Schuh claimed that Chrome is run by about 100 million Windows XP users.

According to Web analytics company Net Applications, Windows XP powered 46.6 percent of all Windows PCs that went online in July, a slightly larger share than the quickly-gaining Windows 7.

The port of Flash to PPAPI will reduce Flash crashes by 20 percent, and prepares Chrome for its debut on Windows 8, the upgrade Microsoft plans to start selling Oct. 26.

"Because PPAPI doesn't let the OS bleed through, it's the only way to use all Flash features on any site in Windows 8 Metro mode," Schuh wrote, referring to the tile-based environment that, along with a traditional desktop, comprises Windows 8.

Google added a Metro version of Chrome to the rougher "dev" channel in mid-June.

Although a fully-sandboxed Flash Player plug-in is yet not included in Chrome on OS X, Schuh said that the team "hope[s] to ship it soon."

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+, or subscribe to Gregg's RSS feed. His e-mail address is See more articles by Gregg Keizer.

Read more about application security in Computerworld's Application Security Topic Center.

This story, "Google builds stronger Flash sandbox in Chrome" was originally published by Computerworld.

Copyright © 2012 IDG Communications, Inc.