Klappis

Every single web-page you visit at once on the session is contained under its own process, and each of those processes has its own Chromium sandbox container.

Let's say that Spectre was exploited in your environment whilst the Site Isolation feature is enabled, and the exploitation was from a JavaScript script loaded locally from an untrusted website you've just been redirected to. The Site Isolation feature should protect the memory of the other tabs because they (the web-pages from other tabs) are hosted under their own processes along with their own sandbox container. It helps prevent leaking memory of other tabs' data in the event of such web-based exploitation (as a starter example).

Read more: Site Isolation - The Chromium Projects
Why isn't that enabled by default?

No way I am clicking a Chinese site.
 

Andy Ful

The good old Sandboxie could help here (please remember that Edge doesn't work under Sandboxie).
Sandboxie is one of my favorite pieces of software, but in those attacks, many users will be fooled into updating the browser, which can be done permanently only outside the sandbox (in the real system). :(