Google is testing port randomization in Chrome in an effort to stop network attacks

Chrome may use random ports for connections to boost security


Security of your browser and system is paramount since malware usually spreads by downloading files from shady websites.

If you’re concerned for your safety, you’ll be pleased to hear that both Google and Microsoft are working on a new feature that will give you an extra layer of security while browsing.

Google and Microsoft are working on the EnableTcpPortRandomization feature

If you’re not familiar, port randomization is a security technique that selects a random port when initiating a TCP/IP connection. This makes it harder for hackers to perform port scanning attacks and exploit vulnerabilities.

Microsoft and Google are working together on this, and you can see that developers are already working on bringing EnableTcpPortRandomization to Windows.

Google plans to use the SO_RANDOMIZE_PORT option for TCP connections. However, the rollout had its share of issues.

A bug in Windows led to aggressive port reuse: the system ended up using the first available port in the range, completely bypassing this feature. Here’s what the developers said:

This was due to a Windows bug which, when the default port range was expanded, would often end up failing to select a random available port, instead falling back to choosing the first available port at the beginning of the range.

The Windows bug was first fixed in the 22H2 release and was then backported to earlier releases from August through November 2023.

Since the developers had issues implementing this feature, it remains disabled by default behind a base::Feature flag.

By using this approach, the developers can experiment and verify that the feature is working as intended.
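One way to verify from the outside whether a machine picks source ports at random or falls back to the first available port, as in the bug described above. This is an added example, not code from Chrome or Windows; the loopback listener, the 256-port window, the 0.8 threshold and the range start of 49152 are assumptions for illustration.

```python
import socket

def sample_source_ports(n=64):
    """Open n loopback TCP connections; return the local ports the OS chose."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(n)
    clients, ports = [], []
    try:
        for _ in range(n):
            c = socket.create_connection(listener.getsockname())
            clients.append(c)            # keep open so the port stays in use
            ports.append(c.getsockname()[1])
    finally:
        for c in clients:
            c.close()
        listener.close()
    return ports

def classify(ports, range_start, window=256, threshold=0.8):
    """Label a port sequence 'first-available' or 'randomized' (heuristic).

    range_start is the first port of the dynamic range on the machine under
    test; window and threshold are assumed cut-offs, not Chrome/Windows values.
    """
    if len(ports) < 2:
        raise ValueError("need at least two samples")
    steps = [b - a for a, b in zip(ports, ports[1:])]
    # Share of consecutive allocations that are exactly one port apart.
    sequential = sum(d == 1 for d in steps) / len(steps)
    # Share of allocations that sit at the very beginning of the range.
    near_start = sum(0 <= p - range_start < window for p in ports) / len(ports)
    hit = max(sequential, near_start) >= threshold
    verdict = "first-available" if hit else "randomized"
    return {"sequential": sequential, "near_start": near_start, "verdict": verdict}

if __name__ == "__main__":
    # Constructed sequences: the fallback behaviour versus a randomized
    # allocator, for a dynamic range assumed to start at 49152.
    fallback = [49152, 49153, 49154, 49155, 49156, 49157]
    random_like = [60211, 51007, 64990, 49733, 57340, 53118, 62001, 50456]
    print(classify(fallback, 49152))
    print(classify(random_like, 49152))
    # Live sample; pass the real start of this machine's dynamic range.
    print(classify(sample_source_ports(), 49152))
```

A "first-available" verdict on the live sample means the ports handed out are predictable, which is the condition the feature is meant to remove.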

Once this feature is fully implemented, it will add a layer of defense against network-based attacks. As for other security features, Chrome Network Service now has its own sandbox.

It’s also worth mentioning that Chrome on Windows can now detect symbolic links and make you safer.
