Tip:
Highlight text to annotate it
X
Building the most secure browser that we can is a top priority for the Google Chrome team.
A secure browser helps guard against threats such as phishing and malware, which could
steal your passwords - or worse.
Sandboxing is a feature that we’ve built into Google Chrome to enhance the browser’s
Here’s how sandboxing works:
In Chrome, every every website or web application you open in the browser is a separate and
independent process.
For example, if you open three different websites in three different browser tabs, each tab
you open corresponds to a separate process.
So if one tab crashes, the browser and other tabs you have open shouldn’t be affected.
Sandboxing provides a layer of protection around each of these processes. Just like
an actual sandbox, it is designed to build a restricted environment around each process.
If you inadvertently open a malicious web page designed to harm your computer or even
a familiar website that has been hacked, the browser’s sandbox is designed to prevent
malicious code on the exploited website from causing further damage to your computer. The
malicious code is contained within the sandbox so that it does not affect other tabs in your
browser or your machine.
So something bad can be running in one tab, but as soon as you close the tab, it’s gone
- without any harm to your computer.
In Chrome, all web pages that you view in the browser are sandboxed. However, there
are other parts of the browser that benefit from sandboxing too.
Plug-ins are additional pieces of software that plug into the browser to enable useful
functionality. For example, Adobe Flash Player is a widely used plug-in that enables web
content such as online videos and games. Plug-ins also allow you to view PDF documents online.
Plug-ins are widely used and enable powerful functionality, but that widespread usage and
power can make them prime targets for security attacks across all browsers.
Users are even more vulnerable to attacks if they are running plugins that aren't up
to date. Out-of-date plugins frequently contain known vulnerabilities.
In our efforts to better protect Chrome users from security exploits, we’ve built and
sandboxed Flash and PDF functionality directly into Chrome. These integrations take advantage
of Chrome’s auto-update mechanism to help ensure that they are never out-of-date. This
means that as a Chrome user, you’ll always receive the latest security fixes and patches
for these integrations.
To learn more about Chrome and security, visit: google.com/chrome/security.