Google Chrome Pwned by VUPEN aka Sandbox/ASLR/DEP Bypass

Discussion in 'other security issues & news' started by AvinashR, May 9, 2011.

Thread Status:
Not open for further replies.
  1. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    I do use Adblock Plus with Firefox 4.0.1 so yes.

    Yeah, it's weird though, because it does not seem to be doing it now. Maybe the site was temporarily hijacked?

    Here is a pic of the alert itself.
     

    Last edited: May 13, 2011
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
  3. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I actually visited that website as well, when Kees1958 posted it, but I saw no issues with it. Most likely because I got JavaScript, plugins and ads blocked.

    About the domain blocked by avast! -http://www.urlvoid.com/scan/sator.vv.cc (More may detect. Browser Defender provides same ratings as Norton SafeWeb, for example.)

    Most likely a compromised ad. And, from what I see in avast!'s alert, it would require JavaScript. So, if JavaScript is enabled on a per-site basis, then the PDF exploit wouldn't initiate. If JavaScript is enabled, then if the PDF plugin is not, it wouldn't initiate either.
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Sorry,

    Browsed with safe-admin (forced Low-IL Chrome and 1806 on deny).

    I have put on GeSWall and Chrome in normal usage, but do not see anything suspicious in the GW log now.

    o_O
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    I went to the geek.com page earlier with IE8 and everything enabled, and nothing out of the ordinary took place.

    I downloaded the PDF file shown in the alert and on opening, it attempted to connect out:

    pdf_exploit.gif

    Allowing the connection, nothing happened.

    Checking that URL directly, it's no longer working, so the exploit - whatever it was - has been cleaned up.

    -rich
     
  6. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Yeah, that exploit was only there for a short period of time. When I first got prompted by Avast I was like whoa. I was able to replicate it twice within a short period of time. Shortly after I notified Ron, and he changed up the links, the site was clean.

    I also checked with Avast and they did confirm that it was not a fp. Guess I gotta load noscript at work again on my Firefox. :)

    Also, ~ VirusTotal Results Link Removed per Policy ~.
     
    Last edited by a moderator: May 14, 2011
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Google Engineers Deny Chrome Hack Exploited Browser's Code

    Source: -http://www.pcworld.com/article/227680/google_engineers_deny_chrome_hack_exploited_browsers_code.html
     
  8. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    How do they know if they don't have access to it?
     
  9. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    They know it's a buffer overflow attack and they've seen it in action. That's a lot of information for them to figure it out.

    I'm not surprised.
     
  10. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    +1. ;)
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
  12. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Anyway, Google appear to be in denial.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    They're owning up to it. They're just pointing out that it's nowhere near what Vupen claimed. Vupen is acting like they attacked Chromium code when, really, they just attacked Flash in a Google sandbox.

    As they say:
     
  14. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    As long as flash is an integral and bundled part of Chromium, it's completely correct to state that it is a Chromium issue, not a flash issue. Add to that the fact that Chromium even has a unique version of flash specially designed for Chromium.

    Twist it how you want but at the end of the day it will be a code change in Chromium that fixes it.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It's a Flash issue AND a Chrome issue. (Does Chromium come bundled?)

    It can be Chrome or Adobe that fixes this issue. Whoever gets to it first. Either Chrome will patch the code for Adobe or Chrome will change the sandbox OR Adobe will patch the code.
     
  16. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417

    Flash is not bundled with Chromium, AFAIK. Sorry.
     
  17. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    As long as a plugin has the ability to breach the sandbox, maliciously or not, it's a Chromium issue.
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Like I said, it's a Chrome AND a flash issue. It's on both Google and Adobe to solve this problem.
     
  19. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    Let's not forget that the OS in question is Win 7.
    And for people who claim that it is this issue or that issue so very emphatically, there is this:
    from a link already posted in this thread.

    And it's not a Chromium issue. It's a Chrome issue. Even an uneducated person will understand the difference and keep bias under control.
     
  20. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    You insulting me ? Only kidding ;)

    Well, I'm not super heducated, officially :p & I don't know the difference. That's because I've mainly always used & been concerned with FF & previously IE.
     
  21. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    "As Google Chrome Usage Increases, more Vulnerabilities will come up".
    Time will tell...;)
     
  22. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    +1.

    I think the Google team is doing a wonderful job considering it is dividing its focus over a variety of operating systems and various versions of the same operating system and still has the least vulnerable browser.
     
  23. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Even an uneducated user knows that Chrome is simply Chromium repackaged by Google. Do you ACTUALLY think Google is adding the ability for plugins to break the sandbox? Please, think before you post. :rolleyes:
     
  24. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    The same applies to you. Some of your posts border on trolling.
     
  25. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    5,507
    Just an update to my exploit that I posted about last week.

    Read this.
     