[ISN] Google Chrome exploit fetches "Pinkie Pie" $60,000 hacking prize

From: InfoSec News <alerts_at_private>
Date: Thu, 11 Oct 2012 02:23:59 -0500 (CDT)
http://arstechnica.com/security/2012/10/google-chrome-exploit-fetches-pinkie-pie-60000-hacking-prize/

By Dan Goodin
Ars Technica
Oct 10 2012

A win for Pinkie Pie and Google, as a fix is released within 12 hours of 
the exploit.

A hacker who goes by "Pinkie Pie" has once again subverted the security 
of Google's Chrome browser, a feat that fetched him a $60,000 prize and 
resulted in a security update to fix underlying vulnerabilities.

Ars readers may recall Pinkie Pie from earlier this year, when he 
pierced Chrome's vaunted security defenses at the first installment of 
Pwnium, a Google-sponsored contest that offered $1 million in prizes to 
people who successfully hacked the browser. At the time a little-known 
reverse engineer of just 19 years, Pinkie Pie stitched together at least 
six different bug exploits to bypass an elaborate defense perimeter 
designed by an army of some of the best software engineers in the world.

At the second installment of Pwnium, which wrapped up on Tuesday at the 
Hack in the Box 2012 security conference in Kuala Lumpur, Pinkie Pie did 
it again. This time, his attack exploited two vulnerabilities. The 
first, against Scalable Vector Graphics functions in Chrome's WebKit 
browser engine, allowed him to compromise the renderer process, 
according to a synopsis provided by Google software engineer Chris 
Evans.


Pounding on sand

Having taken over the renderer, Pinkie Pie ran into a predicament that 
is becoming increasingly common for exploit writers. A security sandbox 
acts as a boundary that quarantines HTML and other browser content so it 
cannot interact with more sensitive parts of the computer's operating 
system. Chrome's sandbox confined the renderer compromise, so on its own 
the first exploit could do little more than crash the machine. With Microsoft's 
Internet Explorer and Apple's Safari browser offering similar defenses, 
the ability to craft drive-by Web exploits that remotely execute 
malicious code is getting significantly harder. A comprehensive study 
from last year found Google's sandbox was far more restrictive than 
Microsoft's, although some people have discounted that finding because 
the report was commissioned by Google.
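To make the sandbox boundary concrete, here is an added illustration (not code from the article, from Google, or from Chrome) of one mechanism Chrome's Linux sandbox also relies on: a seccomp-bpf system-call filter. A "renderer" child installs a filter that returns EPERM for open/openat and then tries to open a file; the same attempt without the filter succeeds. The file path (/dev/null), the function names and the exit-code convention are this example's own assumptions. It is Linux-only and allows every other syscall, whereas a real sandbox defaults to deny and also checks the architecture field of seccomp_data.

```c
/* Added example: a minimal seccomp-bpf "renderer" sandbox (Linux only).
 * Not Chrome's code; it shows how a compromised process is stopped at
 * the syscall boundary rather than being allowed to reach the OS. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Outcomes the child reports back through its exit status (assumed convention). */
enum {
    OPEN_SUCCEEDED = 0,
    OPEN_BLOCKED_EPERM = 1,
    OPEN_FAILED_OTHER = 2,
    FILTER_INSTALL_FAILED = 3
};

/* Install a filter that turns open/openat into EPERM and allows all else.
 * A production filter would default to SECCOMP_RET_KILL and verify
 * seccomp_data.arch before trusting the syscall number. */
static int install_deny_open_filter(void)
{
    struct sock_filter filter[] = {
        /* Load the syscall number into the accumulator. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        /* nr == openat -> return EPERM to the caller instead of performing it. */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
#ifdef __NR_open
        /* Legacy open() syscall exists on some architectures; deny it too. */
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_open, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
#endif
        /* Everything else passes (demo only; real sandboxes deny by default). */
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = {
        .len = (unsigned short)(sizeof(filter) / sizeof(filter[0])),
        .filter = filter,
    };
    /* Required before an unprivileged process may install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0)
        return -1;
    if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) != 0)
        return -1;
    return 0;
}

/* Attempt to open a file read-only and classify the result. */
static int try_open(const char *path)
{
    int fd = open(path, O_RDONLY);
    if (fd >= 0) {
        close(fd);
        return OPEN_SUCCEEDED;
    }
    return errno == EPERM ? OPEN_BLOCKED_EPERM : OPEN_FAILED_OTHER;
}

/* Run the open attempt in a forked child, optionally behind the filter,
 * so the filter never affects the calling process. Returns one of the
 * enum values above, or -1 if fork/wait failed. */
int run_sandboxed_open(const char *path, int sandboxed)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (sandboxed && install_deny_open_filter() != 0)
            _exit(FILTER_INSTALL_FAILED);
        _exit(try_open(path));   /* exit_group is still allowed by the filter */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("unsandboxed open(/dev/null): %d (0 = succeeded)\n",
           run_sandboxed_open("/dev/null", 0));
    printf("sandboxed   open(/dev/null): %d (1 = blocked with EPERM)\n",
           run_sandboxed_open("/dev/null", 1));
    return 0;
}
```

The point of forking is the same one the renderer/broker split makes in a browser: the untrusted side runs behind the filter, and anything it still needs from the filesystem or network has to be requested from a more privileged process over IPC, which is exactly the second hop Pinkie Pie's chain had to buy with another vulnerability.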

[...]

