Printed from http://www.electronista.com

Google Chrome compromised in five minutes at Pwn2Own

updated 09:15 pm EST, Wed March 7, 2012

Chrome security breached almost immediately

Google saw an end to a brief streak on Wednesday after CanSecWest's organizers confirmed that Chrome had been hacked during the Pwn2Own contest. Team Vupen exploited a security hole in the browser within five minutes of the contest's start. The group will be getting at least a $60,000 prize, funded partly by Google itself, as well as 32 points in the still-ongoing contest; it had already found two more vulnerabilities in software at the conference in intervening hours.

Exact details of the hole weren't detailed, but it was a zero-day exploit that successfully escaped Google's sandboxing and ran code.

The hack was prepared in advance and was likely helped by Google's own willingness to add significantly to the prize pool to test Chrome. It nonetheless undermines Google's insistence that Chrome is safe and shows it to not necessarily be safer in the real world than previous Pwn2Own targets like Safari. Google was one of the first to implement sandboxing, where any breach in a given browser tab or plugin is supposed to be blocked from compromising other parts, but it's now proven that the practice isn't a guarantee against exploits.

Most other browsers now have at least some form of sandboxing, whether for plugins or browser tabs.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News