Google Project Zero Calls Windows 10 Edge Defense ‘ACG’ Flawed

Researchers maintain Microsoft’s vaunted Arbitrary Code Guard in the Edge browser can’t stop hackers from mounting attacks.

Google Project Zero updated its research alleging that Microsoft’s Edge browser security measure introduced last year, called Arbitrary Code Guard (ACG), is faulty.

Ivan Fratric, Project Zero researcher, published the 31-page white paper on Thursday alleging that Microsoft’s much vaunted ACG mitigation feature in Edge isn’t sufficient at stopping “advanced attackers from escaping a browser’s sandbox and mounting other attacks.”

The ACG feature was rolled into Microsoft’s Windows 10 Creators Update in April 2017. Microsoft’s ACG was devised as an effective way to disrupt the typical browser-based exploit chain that attackers use to target the browser’s memory. ACG, in conjunction with a preexisting mitigation technology called Code Integrity Guard (CIG), put the brakes on unsigned and improperly signed code from loading in the Edge browser.

In February, Project Zero researchers first exposed a mitigation bypass technique that allowed an advanced attacker to bypass Microsoft’s ACG. The research was critical of how Microsoft implemented its ACG mitigation and how it avoided a browser performance hit by sidestepping Edge’s Just-in-Time (JIT) compilers. The JIT process compiles JavaScript to native code and maps it into a requested content process.

In Edge, Microsoft was able to avoid a performance hit by moving the JIT functionality into a separate process, which runs in its own isolated sandbox.

“ACG does succeed to fulfill its purpose of preventing executable memory from being allocated and modified. However, due to mutual dependence of (Control Flow Guard), ACG and CIG and the shortcomings of CFG in Microsoft Windows, ACG alone can’t be sufficient to stop advanced attackers from escaping a browser’s sandbox and mounting other attacks,” wrote Google’s Fratric in his report on Thursday.

The follow-up report by Google, posted on this week, ties together various mitigation bypass issues that have come to light since Google first revealed its research in February. The Google report also dives deeper into how Google’s bypass works.

Fratric initially published his research in February after Microsoft was unable to fix the issue within Google’s Project Zero 90-day disclosure deadline.

Microsoft in a statement to Threatpost pointed out an advanced attacker exploiting ACG would already have gained “some capabilities,” therefore lessening the exposure of the ACG mitigation of an attack. “As indicated by the researchers, this technique assumes a potential attacker has ‘already gained some capabilities’ using another method,” a Microsoft spokesperson said.

Google does state its proof-of-concept attack assumed an adversary already has some “capabilities in the browser’s Content Process to execute arbitrary code.” It’s unclear what those capabilities are from the white paper. Google also acknowledges that since its initial report, some unspecified JIT server issues have been resolved by Microsoft.

Despite fixes, Fratric still asserts that by implementing ACG in Edge, it was leaving the mitigation feature called Control Flow Guard (CFG) open to attack. CFG is an optimized security feature designed to combat browser-based memory corruption vulnerabilities.

“Currently, with a lot of known bypasses, bypassing CFG in Windows is not difficult. However, should Microsoft be able to fix all the known weaknesses of CFG, including adding the return flow protection, the situation might change in the next couple of years. As Microsoft already showed intention to do this, we believe this is their long-term plan,” Fratric wrote.

He added that while his research focused on Microsoft Edge, attempts by other browser makers to implement “out-of-process JIT” would encounter similar problems.

“Outside the problems with CFG, the most fragile aspect of the ACG is the JIT server implementation, where multiple issues were uncovered. While the implementation is young and first of its kind so some issues are expected, the larger issue is that security boundary between the Content Process and the JIT Process isn’t adequately enforced,” he said.

Suggested articles