Google is starting to lock down Chrome's memory on Windows, and it could soon be enabled by default

Starting in Chrome 151, Chrome will apply “process isolation”, a Windows security feature designed to block other apps from accessing the browser’s memory. The controls prevent outside software from reading or injecting code into Chrome’s processes.

When enabled, Chrome applies Windows security Access Control Lists to its processes, making it much harder for outside software to peek into or interfere with the browser. In other words, the setting changes how Chrome handles memory access behind the scenes.

That matters because this is both a security upgrade and a compatibility risk. For most users, the change should make Chrome significantly harder to attack. Malware like VoidStealer has already demonstrated the ability to extract encryption keys directly from Chrome’s memory. Process isolation aims to block this type of memory access.

Google will use the staged rollout to watch for compatibility issues. Because process isolation requires a restart, Chrome only applies the change after relaunch, and the visible disable option gives users a quick escape hatch if something breaks.

Process isolation isn’t new on Windows. Microsoft already uses similar protections in parts of the platform, and Chrome is adopting a security model that fits with how Windows already handles sensitive processes.

Users can turn process isolation on or off at any time by going to Chrome Settings > System and flipping the “Enable process isolation” toggle. That gives people an easy way to disable the feature if their tools break, or turn it back on later if they want the extra protection.

Windows Report tested the feature ourselves. After enabling process isolation, Process Explorer still shows Chrome’s processes, but it displays “Access is denied” when trying to inspect them, confirming that the isolation layer is working.

We first reported on this feature back in March when it appeared as a hidden toggle in a Chrome testing build. Now Google is moving it from testing to a gradual rollout, with field-trial infrastructure in place to monitor how it behaves in real-world use.

Enterprise admins also get more control through the WindowsProcessIsolation policy, letting IT departments manage the rollout across their networks.

If you want to test it early, you can enable it now by flipping the chrome://flags/#enable-process-isolation-ui flag in pre-release versions of Chrome. Everyone else will see the feature roll out gradually over the coming weeks.