To prevent this, you can enable Strict Site Isolation / Strict Origin Isolation in Google Chrome on both the host and remote machines. Chrome already has built-in sandboxing, and this feature puts even stronger security boundaries between websites than the existing sandbox does.
This is how Google describes the Strict Site Isolation feature in a support page:
Google’s site isolation feature improves security for Chrome browser users. When you enable site isolation, content for each open website in the Chrome browser is always rendered in a dedicated process, isolated from other sites. This creates an additional security boundary between websites.
You can enable it via a command line flag:
- Find your Google Chrome icon/shortcut on the desktop and right-click on it.
- Select Properties from the drop-down menu.
- Select the Shortcut tab.
- In the Target field, add the following text at the end of the shortcut path, then click on Apply (it may need admin privileges to apply the changes) and then OK:
  --site-per-process
After doing this, the Chrome processes will not cause any interference with the RDP service, as each site gets loaded in its own isolated process.
The same setting goes for Microsoft Edge Chromium.
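The shortcut change described above can also be scripted. The following PowerShell is an added example, not part of the original post: it appends the flag to Chrome and Edge shortcuts through the WScript.Shell COM object, and it assumes the shortcuts sit in the standard Desktop and Start Menu folders and target chrome.exe or msedge.exe.

```powershell
# Added example: append --site-per-process to Chrome/Edge shortcuts (idempotent).
# Assumption: shortcuts live in the usual Desktop and Start Menu folders and
# point at chrome.exe or msedge.exe; adjust $searchRoots for other layouts.
$flag     = '--site-per-process'
$browsers = @('chrome.exe', 'msedge.exe')

$searchRoots = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('CommonDesktopDirectory'),
    [Environment]::GetFolderPath('Programs'),
    [Environment]::GetFolderPath('CommonPrograms')
) | Where-Object { $_ -and (Test-Path $_) }

$shell = New-Object -ComObject WScript.Shell

Get-ChildItem -Path $searchRoots -Filter '*.lnk' -Recurse -ErrorAction SilentlyContinue |
ForEach-Object {
    $lnk = $shell.CreateShortcut($_.FullName)

    # Skip shortcuts that do not launch one of the browsers
    $exe = [IO.Path]::GetFileName($lnk.TargetPath)
    if ($browsers -notcontains $exe) { return }

    # Compare whole tokens so a longer flag sharing the prefix is not a false match
    $tokens = $lnk.Arguments -split '\s+' | Where-Object { $_ }
    if ($tokens -contains $flag) {
        $status = 'already set'
    } else {
        # Keep any existing arguments and add the flag at the end
        $lnk.Arguments = (@($lnk.Arguments, $flag) | Where-Object { $_ }) -join ' '
        try {
            $lnk.Save()
            $status = 'flag added'
        } catch {
            # Shortcuts under the all-users folders need an elevated session
            $status = "failed (run elevated?): $($_.Exception.Message)"
        }
    }

    [pscustomobject]@{ Shortcut = $_.FullName; Target = $exe; Status = $status }
}
```

The flag only takes effect for a browser started from the modified shortcut after all of its existing processes have exited; the Command Line entry on chrome://version shows whether it was picked up.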
Note: As per Google, this may increase memory consumption by 20%, but I found no such memory spikes in my testing of Chrome in normal mode and with this flag enabled.