Google Chrome Implements Restrictions on Admin-Level Browser Launches to Enhance Security Measures
Google is implementing a significant update to Chromium that modifies Google Chrome’s operational privileges to enhance security within Windows environments. This initiative aims to prevent the browser from running with elevated administrative permissions.
In 2019, Microsoft introduced a comparable feature for its Edge browser, which alerted users when launching the browser with elevated rights, encouraging a relaunch without administrator access. Over time, Microsoft refined this approach, ultimately preventing Edge from starting with elevated permissions altogether.
Following this precedent, Microsoft has integrated similar enhancements into Chromium. Developers have confirmed that Google Chrome will now automatically revert to standard user privileges when an attempt is made to launch it with administrative permissions.
According to Stefan Smolen, a member of the Microsoft Edge team, the implementation will automatically attempt to relaunch Chrome in a non-elevated mode once; if that fails, it will revert to the traditional method of launching with administrative rights.
To facilitate this process, a new command-line switch, "--do-not-de-elevate", has been introduced. This switch prevents the de-elevation procedure from triggering an infinite loop if a relaunch fails after a prior de-elevation attempt.
This feature will not affect Chrome processes started with elevated rights in automation mode, which preserves compatibility with automated tools that may require such permissions.
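The launch behaviour described above (one de-elevation attempt, a switch that stops a second attempt, and an exemption for automation mode) can be modelled as follows. This is an added example, not Chromium's own code; the function and type names are hypothetical, the elevation state is passed in as a flag rather than read from Windows, and using `--enable-automation` to stand for "automation mode" is an assumption.

```cpp
// Added illustration, not Chromium source: a portable model of the launch
// decision. Elevation is passed in as a flag instead of read from the token.
#include <algorithm>
#include <iostream>
#include <string>
#include <vector>

const std::string kDoNotDeElevate = "--do-not-de-elevate";  // named in the article
const std::string kAutomation = "--enable-automation";  // assumption: "automation mode"

enum class LaunchAction { kRunAsIs, kRelaunchDeElevated };

static bool HasSwitch(const std::vector<std::string>& args, const std::string& s) {
  return std::find(args.begin(), args.end(), s) != args.end();
}

// What a single browser process decides at startup.
LaunchAction DecideLaunch(bool elevated, const std::vector<std::string>& args) {
  if (!elevated) return LaunchAction::kRunAsIs;                         // nothing to drop
  if (HasSwitch(args, kAutomation)) return LaunchAction::kRunAsIs;      // automation exempt
  if (HasSwitch(args, kDoNotDeElevate)) return LaunchAction::kRunAsIs;  // already tried once
  return LaunchAction::kRelaunchDeElevated;
}

struct LaunchResult {
  int processes_started;  // original process plus any relaunch
  bool final_elevated;    // privilege level the browser ends up with
};

// Follows the relaunch chain. de_elevation_works is a hypothetical knob that
// models whether the relaunched process really comes back non-elevated.
LaunchResult SimulateLaunch(bool elevated, std::vector<std::string> args,
                            bool de_elevation_works) {
  int started = 1;
  while (DecideLaunch(elevated, args) == LaunchAction::kRelaunchDeElevated) {
    args.push_back(kDoNotDeElevate);  // the child must not try again
    elevated = !de_elevation_works;   // a failed attempt leaves the child elevated
    ++started;
  }
  return {started, elevated};
}

int main() {
  LaunchResult r = SimulateLaunch(true, {"chrome.exe"}, false);  // constructed input
  std::cout << r.processes_started << " processes, elevated=" << r.final_elevated << "\n";
  return 0;
}
```

Without the switch appended to the relaunched command line, the failing case would never leave the loop; with it, the chain always ends after at most two processes.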
Microsoft consistently advises against running browsers in administrator mode due to inherent security risks. When Chrome operates with elevated privileges, any files downloaded and executed through the browser also inherit these administrative rights. This poses a substantial security risk, as executing a malicious file could grant it unrestricted access to the system, potentially leading to serious compromises.
By implementing these changes, Google and Microsoft are taking proactive steps to bolster browser security, which is essential in today’s threat landscape.