Vupen Security and Sergey Glazunov independently managed to penetrate Google Chrome's security defenses at the Pwn2Own and 'Pwnium' contests respectively. The annual competition, which invites ethical hackers from around the world to attempt hacking into the most popular web browsers and in the process expose vulnerabilities and loopholes in the browser's security, while grabbing a handsome reward.
At this year's competition, the co-founder and head of research of Vupen, Chaouki Bekrar and his team managed to break into Google Chrome in less than 5 minutes, in the process quashing talks about the browser's unquestionable security. They used "a pair of zero-day vulnerabilities to take complete control of a fully patched 64-bit Windows 7 (SP1) machine." For the successful break-in, Vupen has won itself 32 points.
Google Chrome security knew that the Flash Player plugin sandbox is significantly weaker and that an exploit against Chrome's Flash Player would have to go through a certain path.Having figured out that Vupen used that technique (from the May video), Google decided to add a specific protection for Flash. The hack qualifies him for one of the top $60,000 prizes that are part of Google's $1 million Pwnium challenge, and could be the launch of a new security career.
VUPEN co-founder Chaouki Bekrar, an outspoken exploit writer who insisted the team deliberately targeted Chrome to prove a point, was uncharacteristically coy when asked if the faulty Chrome code came from Adobe."It was a use-after-free vulnerability in the default installation of Chrome," he said. "Our exploit worked against the default installation so it really doesn't matter if it's third-party code anyway." Bekrar told, Zdnet reports.
IE 9 on Windows 7 was also hacked, again through a complicated hack that had to circumvent the browser's sandbox. Microsoft, however, may not respond so rapidly, as its quality testing procedure usually takes a few months to fix bugs like these.Safari on Mac OS X Snow Leopard, along with Firefox and IE 8 on Windows XP, was also hacked.