HomeWinBuzzer NewsMicrosoft Edge: Google Project Zero Takes Issue with Widely Promoted ACG Protection

Microsoft Edge: Google Project Zero Takes Issue with Widely Promoted ACG Protection

Microsoft Edge's Arbitrary Code Guard is well-implemented thanks to various fixes, but flaws in Microsoft's Content Flow Guard protection could leave PCs exposed.

-

Edge is lacking in features, but one of its biggest selling points has always been its security. Microsoft has been working tirelessly to improve such features for enterprise, one of them being Arbitrary Code Guard (ACG). The feature stops attackers from executing malicious code through memory if they attack through the browser's content process.

However, Google Project Zero researcher Ivan Fratric believes it's not all it's cracked up to be. In February, he published a bypass for AGC after Microsoft failed to fix it within the allotted 90-day period. The Edge teams took pains to fix the issue by ensuring the browsers Just in Time Javascript compilers meshed correctly with the feature.

Though that bypass is mitigated, Fratric says there are ways determined attackers can bypass the mitigation. While ACG's implementation is strong, a exploit mitigation called Control Flow Guard (CFG) that it depends on isn't. This opens the PC to attack despite the protection of ACG.

A Long-Term Commitment

Though Fratric's logic is clear, it's also obvious he isn't entirely impartial. In the paper, he promotes an alternative: Google Chrome. According to Fratric, Chrome's site isolation could provide better protection in many cases.

Site isolation runs each webpage in its own sandboxed process, making it difficult for attackers to cause damage to the user's system. Unfortunately, this also causes a significant memory hit of 10-20%.

With already significant competition it's clear why Microsoft follows its own philosophy. Edge is sold as a fast, simple browser with little battery usage. Such an implementation could compromise that. Fratric also notes that the Edge team is dedicated to fixing this problem.

“Currently, with a lot of known bypasses, bypassing CFG in Windows is not difficult. However, should Microsoft be able to fix all the known weaknesses of CFG, including adding the return flow protection, the situation might change in the next couple of years,” he said. “As Microsoft already showed intention to do this, we believe this is their long-term plan.”

Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News