Chrome on Windows 7 exploited

Discussion in 'other security issues & news' started by Hungry Man, Mar 6, 2013.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    http://labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013/

    Just another reminder that if your kernel isn't secure, the system isn't secure. An attacker doesn't care if they're at untrusted integrity as long as they have unrestrained access to the kernel.

    Wrote about this on my site, but there's no crazy new information there, so it doesn't seem worth linking to.
     
    Last edited: Mar 7, 2013
  2. Re: Chrome on Windows 8 exploited

    And, more to the point, proving that even the current top of the line desktop is worth zilch against a skilled human attacker.
     
  3. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    209
    Re: Chrome on Windows 8 exploited

    Actually it was Windows 7. They’ve posted a pic on their Twitter page. See: -https://twitter.com/mwrlabs/status/309480564665245700/photo/1-
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Chrome on Windows 8 exploited

    Yeah, seems that you're correct.
     
  5. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Re: Chrome on Windows 8 exploited

    No one is touching my kernel
     
  6. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    Re: Chrome on Windows 8 exploited

    It the attack involved Chrome and Windows 7 (not 8 ), the thread's title needs to be changed.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Chrome on Windows 8 exploited

    Done. Not that it makes a difference.
     
  8. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,954
    Location:
    U.S.A.
    Thread's Title Changed.
     
  9. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    209
    Re: Chrome on Windows 8 exploited

    lol

    Seriously though, the Chrome devs will be straight on to this. They’re pretty quick at fixing vulnerabilities, especially at these events. I remember last year at pwnium and they had Chrome patched up within twenty four hours I think it was. Microsoft, well that’s another story.

    Exactly. The point remains, regarding the importance of a secure kernal.
     
  10. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,954
    Location:
    U.S.A.
  11. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Re: Chrome on Windows 8 exploited

    The Stable channel has been updated to 25.0.1364.160.
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Re: Chrome on Windows 8 exploited

    So this update addresses the vulnerabilities? :)
     
    Last edited: Mar 8, 2013
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    I don't know if it does or not.
    I'd say there is a good likelihood, and in the event that it does, I wanted the info posted here.
    We'll know soon enough.

    Edit in: Yes, it looks like it is. ;)

    "The Stable channel has been updated to 25.0.1364.160 for Windows, Mac, and Linux. This release contains security fixes.

    Security fixes and rewards:

    Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.

    [180763] High CVE-2013-0912: Type confusion in WebKit. Credit to Nils and Jon of MWR Labs."


    http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_7.html
     
    Last edited: Mar 7, 2013
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,764
    Location:
    Texas
  15. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Got it. Thanks
     
  16. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    That was FAST! :thumb:
     
  17. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Re: Chrome on Windows 8 exploited

    Edit: not enough coffee...

    Cheers, Nick
     
    Last edited: Mar 8, 2013
  18. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Was it Protected Mode or the new Enhanced Protected Mode that they bypassed (Internet Explorer 10 on Windows 8 )? I wish there were more info on it. :D
     
  19. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Default settings were used...
     
  20. pandorax

    pandorax Registered Member

    Joined:
    Feb 14, 2011
    Posts:
    330
    Firefox is also updated.
    https://www.mozilla.org/security/announce/2013/mfsa2013-29.html
     
  21. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    @Nick,

    The kernel exploit was used to get out of the sandbox. Not sure if you mistyped. They used the initial exploit to get into the renderer process, and then the local priv escalation exploit to get system level privilege.

    Wouldn't have made a difference if it were IE10 in EPM or not if they were using a local kernel exploit.
     
  23. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    Mixture of misreading the exploit and mistyping my explanation...

    - but you are spot on :D

    Cheers, Nick
     
  24. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    I wonder if EMET could have made a difference?
     
Loading...
Thread Status:
Not open for further replies.