Printed from http://www.electronista.com

Google patches first major Chrome exploit

updated 09:45 am EST, Fri March 9, 2012

Google Chrome gets immediate security patch

Google sent word that it had already patched the Chrome exploit demonstrated in CanSecWest's Pwn2Own side contest, Pwnium. Linux, Mac, and Windows versions, along with the Chrome Frame plugin for Internet Explorer, should all be secure today. It's now known to have involved universal cross-site scripting and "bad history navigation," although wider details wouldn't be published until most users of Chrome and other WebKit-using browsers like Safari were using secure versions.

The exploit was credited to one Vupen team member, Sergey Glazunov, who gets the $60,000 price Google and CanSecWest organizers had arranged.

Finding the particular exploit was a milestone for Google, as it represented the first real crack to break Chrome's sandboxing. Google has encouraged white hat hackers to try and break Chrome and help it improve security, but it has also argued that Chrome was inherently safer and touted the lack of attacks as proof its sandboxing worked.

The Chrome exploit breaks a minor tradition of Pwn2Own hacks being targeted against Apple first, such as against the iPhone 4 or desktop Safari.



By Electronista Staff
toggle

Comments

  1. testudo

    Forum Regular

    Joined: Aug 2001

    +1

    duh

    although wider details wouldn't be published until most users of Chrome and other WebKit-using browsers like Safari were using secure versions.

    So it's a WebKit issue, not a Chrome issue, per se?

    The exploit was credited to one Vupen team member, Sergey Glazunov, who gets the $60,000 price Google and CanSecWest organizers had arranged...
    The Chrome exploit breaks a minor tradition of Pwn2Own hacks being targeted against Apple first, such as against the iPhone 4 or desktop Safari.


    Minor tradition vs. 60k? Gee, that's not a hard choice.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, it's not exactly something most people put a lot of thought into. Printers are often touted as f ...

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...

Advertisement

toggle

Most Commented

 
toggle

Popular News