Google has introduced a crucial security update for Chrome on Windows PCs, enhancing cookie protection to safeguard against info-stealing malware. This update, announced by Willian Harris from Chrome’s Security Team in a recent blog post, adopts a security method similar to the one used on macOS.
New Protection for Chrome Cookies
The security update focuses on session cookies that authenticate your identity when you switch between apps without having to log back in. Google aims to replicate the macOS Keychain security system by using a new protection method on Windows. This involves updating the Data Protection API (DPAPI) and introducing “application-bound” encryption.
With this new security measure in Chrome 127, Google will encrypt information related to app identity, making it significantly harder for malicious actors to access sensitive data.
How Application-Bound Encryption Works?
Application-bound encryption relies on a privileged service to verify the identity of the requesting application. When data is encrypted, the App-Bound Encryption service encodes the app’s identity into the encrypted data. This identity is then verified when decryption is attempted. If another app on the system tries to decrypt the data, the attempt will fail.
Google plans to extend this protection to payment data, passwords, and other persistent authentication tokens in future updates.
Enhanced Security Detection
This new security approach will improve the detection capabilities of antivirus programs such as Bitdefender and Malwarebytes, making it easier to identify and block malicious attempts to steal information.
Implications for Windows Security
Interestingly, this development comes amidst broader discussions about Windows security. Recently, an IT outage caused by a faulty update from CrowdStrike affected various industries, including retail, banking, and airlines. Notably, Macs and Linux systems were not impacted. This incident has prompted Microsoft to consider adopting security measures similar to those used on Macs.
Stay Safe: Update Chrome Now
To benefit from this new security feature, Chrome users should update their browsers to version 127 as soon as possible. This update serves as a reminder of the importance of keeping apps and browsers up to date to ensure maximum protection against potential security threats.
