Question:
Recently, Google announced that the Dev version of Chrome is also available in 64-bit. It will likely be available for stable versions in the future as well.
What caught my attention is that Google said that the 64-bit version is 25% faster , that the failure rate has decreased by half and that it is also more secure than the 32-bit version.
These are very expressive numbers! But why does the simple fact of compiling in 64-bit bring all these benefits?
Sources:
-
Tecnoblog – You can now test the 64-bit version of Chrome for Windows
-
The Chromium Blog – Try out the new 64-bit Windows Canary and Dev channels
Answer:
Safety
With a 64-bit system it is possible to use ASLR which roughly protects against stack overflow (or buffer overflow) attacks. Thus preventing the cracker from jumping from an exploid to a direct function (IAT Hook or other hook types like Detours can also be avoided with this). It facilitates the use of polymorphism that is used a lot by malware but can also be used by common programs to not have a constant "signature" on their functions, and this is very useful, as most hooks use a memory scan to find patterns, thus finding the address of a function for example.
Speed
64-bit programs have faster access to the registry (because it is a different registry than 32-bit). More information
In addition to the advantages listed above, even today debugges (such as OllyODBG and IDA) have difficulty reading on 64-bit systems, this is not what will make the system more secure, but this already prevents 80% of "common" crackers from doing anything .
Simple polymorph class Polychaos