ID: IRCNE2011051108
Date: 2011-05-10
“CNet” reports that French security firm Vupen said yesterday its team has found a way to bypass security features in Chrome and offers a video demo it says is a successful attack against the browser running on a Windows machine.
According to Vupen, the exploit shown in this video is one of the most sophisticated codes created so far, as it bypasses all security features including ASLR/DEP/Sandbox, it is silent [no crash after executing the payload], it relies on undisclosed (0day) vulnerabilities discovered by VUPEN, and it works on all Windows systems (32-bit and x64).
In the video, someone using Chrome v11.0.696.65 on Windows 7 Service Pack 1 (x64) is tricked into visiting a malicious Web page hosting the exploit. Once the machine is compromised, the exploit code downloads a Calculator program from a remote location and launches it outside the sandbox at "medium" integrity level.
"While Chrome has one of the most secure sandboxes and has always survived the Pwn2Own contest during the last three years, we have now uncovered a reliable way to execute arbitrary code on any installation of Chrome despite its sandbox, ASLR and DEP," said Vupen.
Vupen said it would not publicly disclose the exploit code or technical details of the vulnerabilities.
A Google spokesman said: “We're unable to verify VUPEN's claims at this time as we have not received any details from them.”