Tuesday, 10 May 2011

Google Chrome finally Hacked

google chrome

Google Chrome one of the most secure browser and the survivor of the Pwn2Own contest from the last three years finally hacked. I don’t know what to say whether it’s a good news or a bad one but VUPEN Research team successfully Pwned Google Chrome and its sandbox.

The video shows the exploit in action with Google Chrome v11.0.696.65 on Microsoft Windows 7 SP1 (x64). The user is tricked into visiting a specially crafted web page hosting the exploit which will execute various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox (at Medium integrity level).

VUPEN isn't sharing its exploit code with just anyone, as they claimed it as one of the most sophisticated code they've ever seen or created as it bypasses all security features including ASLR/DEP/Sandbox (and without exploiting a Windows kernel vulnerability).

Source:- VUPEN Security



Post a Comment