Share

Top 5 Stories

News

Security firm drives steamroller through Chrome, Windows 7 security

10 May 2011

A French IT security firm - Vupen - has severely cracked Google's Chrome browser by bypassing the browser's integrated `sandbox' security features, as well as Windows 7's equally integrated anti-exploit systems.

"We are (un)happy to announce that we have officially Pwnd Google Chrome and its sandbox", says the company in its latest security blog, adding that the company has posted a YouTube video to highlight its methodologies.

The exploit shown in the video, says Vupen, is one of the most sophisticated codes yet seen, since it bypasses all of Chrome’s security features, including ASLR/DEP/Sandbox.

"It is silent - i.e. no crash after executing the payload - and relies on undisclosed (zero-day) vulnerabilities discovered by Vupen and it works on all Windows systems (32-bit and x64)", notes the company

According to Vupen, the YouTube video shows the exploit in action with Google Chrome v11.0.696.65 on Microsoft Windows 7 SP1 (x64).

"The user is tricked into visiting a specially crafted web page hosting the exploit which will execute various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox at medium integrity level", says the firm's blog posting, adding that the Calculator can be replaced by any other payload.

Whilst Chrome has one of the most secure sandboxes and has always survived the Pwn2Own contest during the last three years, Vupen says it has revealed a reliable way to execute arbitrary code on any installation of Chrome, despite its sandbox, ASLR and DEP.

The good news, if your company's name starts with `Goo' and end with `gle' is that Vupen says ut has no plans to reveal the code methodology of its crack, or the underlying vulnerabilities.

They are, says the company, "being shared exclusively with our government customers as part of our vulnerability research services."

This article is featured in:
Application Security  •  Data Loss  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×