Chrome Security

Pwnium 2012 has concluded with 5 critical vulnerabilities in Google Chrome disclosed and 4 of them patched in 2 stable updates this week. Well, that explains why your Chrome was downloading updates more than usual. A total of $120,000 has been paid out to two hackers/security experts and, if I am reading this correctly, the remaining $880,000 will go to the Chrome security team. That’s a really nice way to appreciate their hard work!

The second patch went out Saturday, March 10, 2012, fixing the vulnerability which helped PinkiePie gain access to a Windows 7 PC by visiting a website using Chrome. Here are the highlights from this blog post.


Congratulations to PinkiePie (aka PwniePie) for a beautiful piece of work to close out the Pwnium competition!

We’re delighted at the success of Pwnium and the ability to study full exploits. We anticipate landing additional changes and hardening measures for both CVE-2011-3046 and CVE-2011-3047 in the near future. We also believe that both submissions are works of art and deserve wider sharing and recognition. We plan to do technical reports on both Pwnium submissions in the future.

  • [Like a b-b-b-b-boss!!! $60,000] [117620] [117656] Critical CVE-2011-3047: Errant plug-in load and GPU process memory corruption. Credit to PinkiePie.


Can Anyone Hack A Browser in 5 Minutes?

I came across an interesting piece of “rant” on Google Plus which discusses a few items around Pwn2Own and such hacking contests. It is an interesting read. Here is what I liked the most.

Normally, teams prepare exploits in advance and then arrive at the contest, sit down, and use them — leading to true but misleading headlines like “XXX Browser hacked in 5 minutes at Pwn2Own!” …Well, probably days to months of preparation, really.

In any case, in the three previous years Chrome has been public (and thus been included) no one had touched us. By contrast, the only other browser to make it through one of those contests unexploited was Firefox — and it did it once.

Read the entire post here.

An Interesting Comment I received For My Last Post.

PAEz posted the following when I discussed a “teenager” hacking Chrome. I agree with him completely on this, so I am re-posting it here for everyone.

No offense, but I don’t see a teenager cracking Chrome to be embarrassing. Teenagers can do some amazing code. Their young creative brains, mixed with their lack of experience, can enable them to think outside the box better than someone with experience. Experience brings beliefs that constrict the way they think, while a young person’s brain can buzz with new ways of thinking and looking at problems.

Pwnium is in progress and we have a second full Chrome pwn, interestingly by a teenager who will get $60,000 from Google as announced. The hacker, who identified himself only as PinkiePie, said he spent the past week and a half working on the attack. It combined three previously unknown vulnerabilities to gain full system access to a Dell Inspiron laptop that ran a fully patched version of Chrome on top of the most up-to-date version of Windows 7.

This is the second full attack of Google Chrome during the conference. The first hack was by Sergey Glazunov who also won $60,000 from Google. 5 Chrome vulnerabilities have been found as part of these two hacks and 2 of them have been patched.


While “Pinkie Pie” was previously unknown to onlookers here, Googlers described him as a “known and respected security researcher.” He said he never considered selling the vulnerability to third-party brokers. “I’ve never sold a vulnerability before.”

Strangely, while sandbox escapes are rare, Pinkie Pie said the easiest part of his attack was jumping out of the Chrome sandbox after the initial exploit.

“I got lucky because I found a way [to jump out of the sandbox] very early. I figured it out by looking at it carefully,” he added. He declined to discuss specifics of the vulnerabilities or the exploit techniques, deferring comments to Google representatives.

So, now we can wait for another patch from the Google team fixing this vulnerability.


For many, this will be a reason to say, “See, Chrome is not as secure as you think.” Yes, we have to agree, no software is perfect. But this move from the Chrome team of encouraging security researchers to find vulnerabilities in the browser and patching them before the “bad guys” get their hands on them, I must call it “Smart

Did Google plan something ahead of Pwn2Own so that they could find out what exactly the VUPEN team was using to hack into Chrome?

Okay, to understand the story completely, I need to remind you all about this post. The security research group VUPEN posted a video of their exploit breaking Chrome’s sandbox.

When the news came out, the Chrome team claimed that the flawed code came from Adobe, one of the plugins used by Chrome, although it comes pre-installed with the browser. To confirm this, Google needed access to the exploit, and Pwnium helped.

On March 5, the protection was added to Google Chrome 17.0.963.65. When the protection triggers, it generates a very unique signature — 0xABAD1DEA — which is hexadecimal that spells out “a bad idea.” The protection was meant to make the browser resilient to certain attacks, but in a bit of cat-and-mouse, it was left in there to see if anyone would find it and make a public comment.

The VUPEN team arrived at CanSecWest and, during testing of its exploits for Pwn2Own, they stumbled into the exception. A VUPEN exploit writer confirmed this on Twitter.


So that gave Google confirmation that VUPEN was using Adobe’s flawed code to get out of Chrome’s sandbox.

VUPEN co-founder Chaouki Bekrar, an outspoken exploit writer who insisted the team deliberately targeted Chrome to prove a point, was uncharacteristically coy when asked if the faulty Chrome code came from Adobe.

“It was a use-after-free vulnerability in the default installation of Chrome,” he said. “Our exploit

Got the story?

via ZDNet

Google Chrome Hacked in 2 Minutes At Pwn2Own 2012

Finally, that day has come. After two years of staying unreachable to hackers during the annual Pwn2Own security conference, Chrome got hacked this time and became the first browser to lose the battle. Well, it’s ironic that this news comes just after the announcement from the US State Department that they will be deploying Chrome on all their [...]


Hack Chrome and Win $1 Million!! (And A Chromebook)

Google Chrome has a good track record at the annual Pwn2Own conferences. This year, the team has come up with some attractive offers for those who can hack Chrome: you can win up to $1 million if you are successful. Here are the highlights from the Chromium blog post. While we’re proud of Chrome’s leading track [...]


Google Chrome Will Support “Do Not Track” Soon

Meet the new security feature coming to Chrome, “Do Not Track”. It is already available for Firefox, IE and Safari. Google will add this feature to Chrome by the end of the year. So, what is “Do Not Track”? Well, it does pretty much what the name says. Here is the official [...]


Chrome To Get More Secure Password Management With New Password Generator

It’s better to use different passwords for different websites, but I end up using the same one for all because that’s easier to manage. I also know that it’s better to have passwords with extra characters, symbols, signs and numbers, but those are too tough to remember. What if Chrome helps you have such strong passwords, [...]


German Government’s Federal Office For Information Security Recommends Chrome

Great news for the Google Chrome team, and for us users. BSI, a German government agency, has recommended Google Chrome as part of a best practice for Windows users. “The Bundesamt für Sicherheit in der Informationstechnik (abbreviated BSI – in English: Federal Office for Information Security) is the German government agency in charge of managing computer [...]


A Bug that Allows Remote Code Execution in Chrome?

Mitja Kolsek, CEO of ACROS Security, has written a detailed article here explaining a security bug in Chrome which may let hackers run remote code in Chrome. Even though Google does not accept this as a bug, only as “strange behavior”, Mitja has provided a detailed analysis and suggestions in his article. Here is his conclusion. [...]


Microsoft Security Essentials Says Chrome is a Virus? Here Is How to Fix it

Google Chrome was accidentally marked as malware by Microsoft Security Essentials recently. It started deleting the browser from users’ computers. Here is the fix from the Google Chrome team. It gives the steps to correct the issue and re-install the program. We are releasing an update that will automatically repair Chrome for affected users over the [...]
