Google recently announced that as of February 2023, it will be dropping support for Windows 7 and 8.1, focusing on Windows 10, 11 and beyond.
Even though older Google Chrome versions will still continue to work after support is dropped on Windows 7 / 8.1, the impact of this announcement is that browsers on these systems will no longer receive security updates and patches.
Browser vulnerabilities are constantly addressed through patches
Over time, security vulnerabilities are gradually discovered and patched through periodic software updates (patches). Google’s announcement to discontinue support for Chrome on these operating systems means that any vulnerabilities that are discovered from that date forward will no longer be addressed, as those systems will cease to receive patches.
If your organization has endpoints running on Windows7 or 8.1, this could be a serious issue not only because Chrome’s security will start becoming outdated, but because the vulnerabilities discovered are fixed in periodic patches, the patches themselves usually include details of what those vulnerabilities were. Releasing them publicly makes it easier for threat actors to come up with ways of exploiting them, and all they would need to do is look for the relevant vulnerable operating systems.
Minerva Browser Isolation Helps Secure Obsoleted Browsers
Luckily, not all is lost and there is a relatively easy solution. With Minerva’s Browser Isolation, you can keep your browsers fully secured even on legacy systems without access to latest security updates.
For those of you not familiar with Minerva’s browser isolation, it is an easy to install solution that works well with both modern and legacy systems (including Windows 7/8.1). The solution locally secures the browser without sacrificing usability or scalability. Minerva’s Browser Isolation module, part of our Ransomware Protection Platform, also provides protection against more attack scenarios than existing solutions such as deploying browser-over-VM or browser-screening.
How Browser Isolation Works
The secret to why Minerva’s Browser Isolation works so well lies in its simplicity. By performing low level isolation of the browser process, Minerva completely shuts down its ability to spawn rogue child processes. Even if an threat actor manages to successfully exploit an unpatched vulnerability in the browser, the malware still wouldn’t be able to execute any code on its behalf since Minerva’s browser isolation blocks blocks its ability to launch any additional processes.
This means every time a program tries to manipulate the browser into spawning a malicious process, Minerva automatically blocks it, and effectively isolates the browser’s capabilities to harm the computer’s environment.
In addition to this, Minerva’s Memory Injection Prevention Module (also part of the Minerva Armor Anti Ransomware Platform) also prevents payload execution of file-less malware attacks.
Also, an adversary trying to abuse the browser to download malicious files onto the target endpoint would be blocked by Minerva’s Malicious Document Prevention (MDP) or anti-evasion module.