by a Thinker, Sailor, Blogger, Irreverent Guy from Madras

Google Chrome 25 fixes Pwn2Own exploit


Wow!  Just a few hours back Firefox released 19.0.2 to fix a security exploit showcased in Canwest Pwn2Own contest in Vancouver, Canada.  All the 3 major browsers, IE10, Google Chrome 25 and Firefox 19.0.1, were hacked - though in different ways.

Within hours (minutes ??) Google also released a bug fix update Chrome 25.  25.0.1364.160 for Windows, Mac, and Linux and fixes a Type confusion in WebKit.

As per MWR labs blog, they demonstrated a full sandbox bypass exploit against the latest stable version of the Google Chrome 25.0.1364.152  browser on a Windows 7 laptop.

MWR demonstrated that by visiting a malicious webpage,  it was possible to exploit a vulnerability, gain code execution in the sandboxed renderer process and bypass the sandbox with system privileges.

Again, this is a history of sorts.  Google Chrome fixing a browser within 24 hours of a security exploit disclosure.  So update to Google Chrome 25.0.1364.160, to close the breach.

Way to go Google and Mozilla.  Quick work.  Impressive!


google_chrome_25_fixes_pwn2own_exploit


1 comment:

  1. Thanks for this wonderfully written blog, If you are finding any kind of problem with your chrome browser then can use google chrome help who will solve all the problem related to your chrome.

    ReplyDelete

Support - Donate

Your Blog is

Donate thro ECWID

Contact Form

Follow by Email