Google puts Flash plugin in a more secure browser sandbox
As proven by the CanSecWest Pwn2Own hacks, the Flash Player plugin that ships with Google Chrome is a major weak spot that has been targeted by attackers.
Not anymore.
Google has quietly tweaked the browser to put Flash in the browser’s more restrictive sandbox on all versions of Windows, making it significantly harder to exploit a Flash Player vulnerability to get full system access.
The fully sandboxed Flash was included in the Chrome 21 beta release, according to Google’s Justin Schuh.