Security Experts Stunned as Google Chrome Hacked

Posted: Tue May 10, 2011 11:17 pm
by crustyasp46
A French security firm says it now knows how to hack its way into Google's Chrome browser. If the claim turns out to be true, it would represent a surprising weakness for a web browser considered by some to be the safest available.

The hack report comes from France's Vupen, which says it was able to sidestep Chrome's defenses -- including the highly reputable sandbox design -- as well as Windows 7's built-in anti-exploit infrastructure.

Report Stuns Security Experts

The exploit is "one of the most sophisticated codes we have seen and created so far, as it bypasses all security features including ASLR / DEP / Sandbox," Vupen reported.

"It is silent (no crash after executing the payload), it relies on undisclosed (zero-day) vulnerabilities and it works on all Windows systems."

The report is a surprise to many since Chrome is considered a very difficult browser to hack.

Sandbox Buffers Between Browser and Operating System

Chrome's sandbox infrastructure is engineered to create a buffer between the browser and the wider operating system (OS), making it much more difficult for a hacker to take advantage of a PC. In theory, sandboxing creates a virtual wall such that a running program has limited access to the 'outside' operating system.

So resilient is Google's web browser sandbox design that white-hat hackers were unable to exploit it at a recent Pwn2Own competition.

Nevertheless, Vupen has not only described how it exploited Chrome on its blog, but it's also posted a video of the process on YouTube. (Source: theregister.co.uk)

Vupen Not Communicating With Google

Google says Vupen never contacted it about the security hole. Therefore, the search giant has been unable to confirm its report. "We're unable to verify Vupen's claims at this time as we have not received any details from them," Google said in a recent statement.

"Should any modifications become necessary, users will be automatically updated to the latest version of Chrome." (Source: computerworld.com)

Had it pursued a different tactic by reporting the issue directly to Google, Vupen may have been privy to a large reward. So far this year Google has already handed out $77,000 in "bug bounties" to various security experts.