If you trust Google Chrome – or Opera, Microsoft Edge, Brave or any other web browser based on the Chromium open source code base – to work at home or keep in touch with friends or family while at home due to the ongoing coronavirus pandemic, you should avoid the latest Windows update 10. This is because Microsoft has broken an important security feature found in all Chromium-based browsers with the latest Windows 10 1903 update, available for all users now.
Worst of all, the subsequent fix for the problem is deleting files from users' computers during the update process – going out millions of Windows 10 users around the world trapped between a rock and a very difficult place. The important security feature, initially broken by Microsoft in its update, is the Chromium sandbox. For those who don't know, this essential feature allows users to run applications and browser extensions in a virtual environment completely separate from their operating system.
If the item you are downloading contains malware or another security threat, it will not be able to penetrate the rest of the operating system – it will be contained in the sandbox. Clearly, this is a vital resource for keeping your documents, applications and most important online safe from the worst criminals.
Unfortunately, Windows 10 broke it. Thanks to a new "security feature bypass vulnerability", as Microsoft calls it in a recent update for customers, Windows 10 is now unable to properly handle the feature. This vulnerability means that cyber criminals can exploit the flaw to allow their applications to escape the sandbox boundaries to infect all parts of their PC.
In a nutshell, it disrupts the Chromium sandbox as it should – and leaves your entire PC vulnerable to downloads that would otherwise be safely contained.
Google found the problem and resolved the broken sandbox in its blog post: “The sandbox works with the concept of least privilege using Restricted Tokens” – and since Windows 10 is not handling these tokens correctly, the operating system is leaving your Windows. 10 PC at risk.
Google Chrome is comfortably the most popular web browser on the planet. According to most estimates, it accounts for about 67% of all traffic from computer browsers worldwide. Together with the approximately 1 billion PC owners using Windows 10, this flaw will affect a big number of people.
And with people increasingly relying on their PCs to work from home or keep in touch with friends and family, this can have devastating consequences.
although Microsoft has had several problems with Windows 10 updates in recent weeksso far, they’ve only affected their own apps and resources. After the Windows 10 1903 Update, it is now also causing problems with other developers' software.
There is a patch available that solves the sandbox problems, but we do not recommend it. This is because the solution, Windows 10 KB4549951, is causing some equally serious problems for some users. This includes deleting users' files from their machines during the upgrade process.