Author Topic: Google Chrome Hacked, Sandbox Escaped  (Read 5264 times)

Deozaan

Google Chrome Hacked, Sandbox Escaped
« on: May 11, 2011, 02:39 AM »
One reason new users have been flocking to Google Chrome is the promise of improved security. Its internal Flash plug-in has repeatedly been patched prior to the old-style NPAPI version for other browsers, it's plugged in to Google's malicious link-checking service in the cloud, and its sandbox has proved impenetrable for more than two years.

Now, VUPEN's research team has successfully exploited Google Chrome and escaped its sandbox. In the proof-of-concept video you'll see the Windows 7 cursors spin with activity while Chrome sits quietly in the background, blissfully unaware of what's about to occur. Yes, it's only Calculator that opens at the end, but that's not the point -- a malicious payload could have been triggered just as easily.

Maybe this explains why my PC is suddenly calculating 5318008 upside down? :huh:

Renegade

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #1 on: May 11, 2011, 02:44 AM »
Ouch... That's harsh...
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

phitsc

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #2 on: May 11, 2011, 03:18 AM »
Where I work, IT actually took measures to prevent people from using Chrome. You can install it, but you can't launch the chrome.exe process.

(I had to rename it to something else ;) )

Carol Haynes

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #3 on: May 11, 2011, 03:52 AM »
Oh dear ... and that is the current version ...

JavaJones

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #4 on: May 11, 2011, 03:20 PM »
Ouch indeed, however with the frequency Google puts out updates and the fact that Chrome is automatically updated for end-users by default, it has the best chance of any of the browsers to at least fix an issue like this and get it out to users fast. No other browser I can think of has as high a likelihood of addressing this problem within a short time period due in part to the (sometimes reviled) practice of auto-updating. Google also pays a good bounty for stuff like this, so it's win-win (provided it doesn't get exploited maliciously in the wild before an update is available). Here's hoping.

- Oshyan

phitsc

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #5 on: May 11, 2011, 03:29 PM »
I don't know. I think I've read somewhere that of the popular browsers, Chrome was indeed found to be the most vulnerable one. But I think that was a report from some time around the end of last year.

Edit: here's something from Nov. 2010: http://www.favbrowse...-chrome-and-firefox/

Mark0

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #6 on: May 12, 2011, 06:54 PM »
It seems that things may be quite a bit different than initially reported:

'As usual, security journalists don't bother to fact check,' said Tavis Ormandy, a Google security engineer, in a tweet earlier Wednesday. 'Vupen misunderstood how sandboxing worked in Chrome, and only had a Flash bug.' Chris Evans, a Google security engineer and Chrome team lead, tweeted, 'It's a legit pwn, but if it requires Flash, it's not a Chrome pwn.'

Computer World - Google engineers deny Chrome hack exploited browser's code

As also noted in today's keynote at Google I/O, at the moment Flash on Chrome is partially sandboxed; it too (like web pages / tabs are now) will be fully sandboxed in the near future. Anyway, for the moment, a partial sandbox, in addition to the Flash automated update, is far better than nothing.

Deozaan

Re: Google Chrome Hacked, Sandbox Escaped
« Reply #7 on: May 12, 2011, 07:14 PM »
"We will not help Google in finding the vulnerabilities," said Chaouki Bekrar, Vupen's CEO and head of research, in an email reply to questions. "Nobody knows how we bypassed Google Chrome's sandbox except us and our customers, and any claim is a pure speculation."

Last year, Vupen changed its vulnerability disclosure policies when it announced it would no longer report bugs to vendors -- as do many researchers -- but instead would reveal its work only to paying customers.

Does this mean that Vupen are black hat hackers? Or they're white hat hackers using blackmail?