Currently set to No Index







Google Chrome Browser Cracked

2 minutes 0 comments
Art
Art
Web Hosting Geek

Vupen Security, a group specializing in vulnerability research, claims to have broken through the Google Chrome browser as well as the sandbox thus denting claims regarding the security of the browser. A video was recently released on Vupen’s website displaying the exploit from Google Chrome v11.0.696.65 using Microsoft Windows 7 SP1 (x64). The exploit is also effective on Google Chrome versions 11.x and 12.x

The Exploit

A user visiting the page is tricked into thinking they are at the correct web page that hosts the exploit which executes a variety of actions that end in downloading the Calculator from a remote location to externally launch it from Google Sandbox.

RELATED:   Several Security Risks and How to Avoid Them

Technical Details

According to Vupen, the exact details of the breach including the code have not been publicly disclosed and will only be shared with their government customers to prove the effectiveness of their services. The exploit has been noted as one of the most sophisticated codes as it completely bypasses all security features such as ASLR/DEP/Sandbox.

Also, the vulnerability does not crash following the execution of the exploit and it relies on zero-day vulnerabilities found by Vupen Security while working within a Windows system. Chrome is said to be one of the most secure sandboxes in the industry. Vupen is the first to find a reliable method of executing code on a default installation regardless of the security measures.

RELATED:   How To Connect To Your Server Using SSH

Chrome Security Features

Chrome was developed with advanced security technologies like Safe Browsing, auto updates and sandboxing to protect its users from malicious activities. Therefore, the browser shows the user a warning message before they visit the website. Meanwhile, the sandbox feature adds protection by eliminating web pages that leave malicious programs on a local computer while monitoring web activities.

The Vupen Team

Furthermore, the software analyzes and patches known flaws and other vulnerabilities. The Vupen Security team is dedicated to uncovering new vulnerabilities across widely used software to assist vendors with the elimination of vulnerabilities resulting in an airtight software program. However, since Vupen is under contract with the vendor, they are never allowed to release the exact technical details found with the security exploit.

RELATED:   The Four Easy Steps to Getting Your Website Back Online Quickly When Your Host Goes Down

Although it was difficult, cracking the Google Chrome web browser will significantly help the company improve security to make it almost impossible for any hacker to develop an exploit. In this situation, Vupen has definitely done their job well by helping the largest search engine company in the world.

, , , , ,

Art

An independent Internet professional currently living in LA, California. Helping people and businesses prosper online since 2006.

Art

Related Posts

A Crash Course in Color Theory for Non-Creatives
A Crash Course in Color Theory for Non-Creatives

Color is a sight and emotion-based element. If you want to keep your brand strong and work well with a design project, it pays to know why color has so...

Updating Your Company’s Mobile Collaboration Policy
Updating Your Company’s Mobile Collaboration Policy

Every year we see some more shift in mobile collaboration: employees become more mobile, workplaces are redefined, partners and customers require more mobility and quicker access. These shifts bring more...

IT Budget: Pinch Pennies Without Hurting Operations
IT Budget: Pinch Pennies Without Hurting Operations

Expected or not, as an IT manager, you may come into a situation where you have to cut your budget or put your staff – or maybe yourself – at...

Will Google Glass Change Society for the Worst?
Will Google Glass Change Society for the Worst?

The mobile phone is accused of killing face-to-face human interaction. Facebook is now inserting suggested pages and advertisements that are making users very angry. What can be expected from Google...

CIO Perspective: How To Keep Your Sanity In a Merger/Acquisition
CIO Perspective: How To Keep Your Sanity In a Merger/Acquisition

During the past months, I was a consultant in two acquisition issues in one small and one medium sized company. Financial, accounting and inventory issues were draining the employees’ and...

What Makes a Successful e-Commerce Site?
What Makes a Successful e-Commerce Site?

If one wants to explore the history of e-commerce, it will most likely point to eBay. While the web was still fairly young and many companies still were not hooked...

post thumbnail
E-Commerce Tips: Choosing the Best Font Size for a Website

On an e-commerce website, all font, text, and content should be easy to read, properly formatted and well-presented so the customer is able to make an informed decision about the...

IT Budget: Strengthen Your Security With No Additional Investment
IT Budget: Strengthen Your Security With No Additional Investment

Data breaches are becoming regular news – from mid-sized businesses to large enterprises, everybody is taking some hit. Your company may be small, even a small family business but you...

IT Managers: Where To Use Self-Service To Save Time
IT Managers: Where To Use Self-Service To Save Time

IT managers for years are pressed by the cliché of “doing more with less.” IT pros already have their daily tasks of user requests, incidents, maintenance issues, upgrades and infrastructure...

Will Google Panda Kill Cool 404 Error Pages?
Will Google Panda Kill Cool 404 Error Pages?

Last week we covered some of the expected effects of Google Panda 4.0 and how it aims at cleaning up the web. One of the steps it will take is...

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *