Google had thrown down the gauntlet: $ 60 000 for those who could pierce its browser Chrome
Sergey Glazunov , Russian university student, has collected his glove and he found $ 60,000 inside: it took him only 5 minutes to pierce the browser of Google.
It all happened during ' Pwn2Own2012 ' , an annual event dedicated to the world of hacking and whose goal is precisely to find weaknesses in the different browsers, thus increasing the overall security under consideration do like the ostrich and bury their heads in the sand, does not help!
Sergey Glazunov 's VUPEN team will take home the $ 60,000 provided to disclose all the details of the vulnerability discovery
His attack, although impressive as power, is not for everyone, as stated by Justin Schuh , Head of the security team Chrome :
"His attack was impressive, but it was necessary to achieve a working knowledge of Chrome .."
".. Has not broken the sandbox, but he bypassed. It 'requires a deep understanding of how Chrome works. It is not an easy task to achieve, "
Glazunov has its active cooperation with Google in search of bugs, which might have benefited him, the fact remains that it was a real magician, able to take in less than 5 minutes in full control of a Windows PC with some vulnerabilities in Chrome , which allowed him to bypass the sandbox of the browser and enter the host system
This reminds us, if anything there we forget, that the vulnerabilities in various software, put in jeopardy all the systems they run!
Meanwhile, Google has announced that the fix for this vulnerability is being prepared and will probably be released with the next updates
0 comments:
Post a Comment