Thursday, March 28, 2024
Search
  
Thursday, March 8, 2012
 Chrome Patch Corrects Pwnium Security Flaws
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: Google has releasd an advisory patching security holes exploited by a Russian university student as part of this year's Pwnium hacker challenge.

Russian university student Glazunov hacked into a fully patched Windows 7 machine with a pair of Chrome zero-day flaws as part of this year's Pwnium hacker challenge. he Chrome's engineers have responed immediately with the updated v17.0.963.78 of the browser released today for Windows, Mac, Linux and Chrome Frame.

The release fixes issues with Flash games and videos, along with the security fix related to "UXSS and bad history navigation", according to Google.

Glazunov was awarded $60,000 by Google for the successful hack of the Chrome, at this year's Pwnium hacker challenge.

Glazunov's exploit also bypassed the Chrome sandbox to execute code with full permissions of the logged on user.

The Google browser was also popped by a hacking team from VUPEN and there's speculation that a vulnerability in the Flash Player plugin was exploited in that attack. The Flash Player plugin in Chrome runs in a weaker sandbox than the full browser.
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2024 - All rights reserved -
Privacy policy - Contact Us .