Google Chrome breached at Pwn2Own and Pwnium

Jos


Ending a three-year streak of coming out of organized hacking challenges unscathed, Google's Chrome browser was breached yesterday at both "Pwn2Own" and the company's own "Pwnium" event, which are running simultaneously at the CanSecWest security conference in Vancouver.

French security company Vupen was responsible for the first hack, which took them only about five minutes after the contest kicked off. The exploit chained two bugs: one to bypass DEP (data execution prevention, which stops the CPU from running code placed in writable data pages such as the stack or heap) and ASLR (address space layout randomization, which makes the addresses an exploit depends on unpredictable) on Windows, two mitigations designed to keep a vulnerability from turning into code execution; and a second one to escape the Chrome sandbox, which confines the renderer process so that code running there should not be able to reach the rest of the system.

The company disclosed no other details beyond saying that the vulnerable component ships in the "default" installation of Google's browser. That remark led several people to speculate that Vupen may have exploited the bundled Adobe Flash plugin to reach more sensitive parts of the operating system.

Vupen also demonstrated attacks against Internet Explorer 8 on Windows XP, Safari 5 on OS X Snow Leopard, and Firefox 3 on Windows XP. The company said it will sell the rights to one of the zero-day vulnerabilities but won't give up the sandbox escape: "We are keeping that private, keeping it for our customers."

TippingPoint's annual Pwn2Own competition changed some of its rules this year and no longer requires entrants to hand over full details of the exploits they use to compromise a target. Google called this change "worrisome" and withdrew its support, promoting its own Pwnium challenge instead with a prize pool of up to $1 million. Needless to say, security researchers were up for the challenge.

Sergey Glazunov, a Russian university student taking part in the Pwnium contest, successfully hacked a PC running Chrome to claim a $60,000 prize from Google. Notably, Glazunov's sandbox escape also relied on a previously unknown vulnerability specific to Chrome itself.

Both challenges run for three days, so more exploits may surface before the contests close on Friday.


 
"The exploit leveraged two bugs, one to bypass DEP (data execution prevention)"

I'm confused here. Does Chrome have the ability to bypass DEP by itself??
 
Meanwhile, in the real world, the #1 threat is the giant banner at the top that goes "Congratulations, you won *insert gigantic BS prize here*, click here and accept the agreement!!!" or "You qualified to win an iPad3! Click continue on the next screen to claim your prize."

Instead of targeting these high-level exploits that only occur in very controlled environments and almost never under normal circumstances, they should set up a prize reward for every site that has a misleading banner that results in a malware installation.
 
Because Windows XP still has more market share than any other Windows OS.
 
The company said it will sell the rights to one of the zero-day vulnerabilities but it won’t give up the sandbox escape: "We are keeping that private, keeping it for our customers."

Would those customers be a number of three letter acronyms? And maybe a few internet frauds just to add some color to the mix?
This is one of those companies that deserves getting sued.
 
After discovering the browser Maxthon, Chrome is pretty much history in my book. It is amazing how little appreciation Maxthon receives; best browser I have ever tried.
 
I hope the student who got the $60,000 used the same exploit of the sandbox, making their discovery useless or at least less valuable. Even if it was not the same, Google now knows that it exists and will probably find it themselves.
 
It does not appear Maxthon has downloads for iOS or Linux. Too bad, it looks pretty nice.
 
After discovering the browser Maxthon, Chrome is pretty much history in my book. It is amazing how little appreciation Maxthon receives; best browser I have ever tried.

Probably didn't help that its history began with IE.

I know how you feel though, I'm an Opera user. It gets only slightly more attention than Maxthon. Nearly all benchmarks include: IE, FF, Chrome. IE is probably only included now in benchmarks 'for the lulz'.
 
3dcgmodeler said:
Cool....
If they're smart, they would hire the hackers...

You know, there's no doubt in my mind that they do hire these guys. On the Pwnium contest, however, they probably won't hire the Russian student since he is still attending college. However, I am willing to bet that they are going to offer him a part-time or full-time internship.
 