[ad_1]
If you trust Google Chrome, or Opera, Microsoft Edge, Brave, or any other web browser based on Chromium’s open source code, to work from home or keep in touch with friends or family while at home due to continuous coronavirus pandemic, you may want to avoid the latest Windows 10 update. That’s because Microsoft has broken a key security feature found in all Chromium-based web browsers with their latest Windows 10 1903 update, which is available for all users at this time.
And worst of all, the subsequent solution to the problem is to delete files from users’ PCs during the update process, leaving millions of Windows 10 users around the world caught between a rock and a very difficult place. The important security feature, initially broken by Microsoft in its update, is the Chromium sandbox. For those who don’t know, this key feature allows users to run browser applications and extensions in a virtual environment that is completely independent of their operating system.
If the item you are downloading contains malware or another security threat, you will not be able to enter the rest of the operating system; it will be contained within the sandbox. Clearly, this is a vital feature to keep your documents, apps and most important protected from the worst online criminals.
Unfortunately, Windows 10 has broken it. Thanks to a new “security feature bypass vulnerability,” as Microsoft calls it in a recent update for customers, Windows 10 is now unable to properly handle the feature. This vulnerability means that cyber criminals could exploit the flaw to allow your applications to escape the limits of the sandbox to infect all parts of your PC.
READ MORE
Microsoft’s next Windows 10 update is one step closer, this is how it will transform your PC
Simply put, it prevents the Chromium sandbox from working as it is supposed to, and leaves your entire PC vulnerable to downloads that would otherwise be safely contained.
Google found the problem and addressed the broken sandbox in its blog post: “The sandbox works with the concept of least privilege by using restricted tokens,” and since Windows 10 doesn’t handle those tokens correctly, the operating system is now leaving your Windows 10 PC at risk.
Google Chrome is comfortably the most popular web browser on the planet. By most estimates, it accounts for about 67 percent of all desktop web browser traffic worldwide. Along with the approximately one billion PC owners using Windows 10, this flaw will affect a big number from the people.
And with people increasingly depending on their PCs to work from home or keep in touch with friends and family, this could have devastating consequences.
Although Microsoft has had several issues with its Windows 10 updates in the past few weeks, so far, they have only affected their own apps and features. After Windows 10 1903 update, it is now also causing problems with other developer software.
There is a patch available that solves sandbox issues, but we wouldn’t recommend it. This is because the solution, Windows 10 KB4549951, has been causing some equally serious problems for some users. This includes removing user files from your machine during the upgrade process.
