A security company VUPEN claims that they were able to successfully perform an attack on Google chrome. According to them v11.0.696.68 and v12.0.742.30. Their attack bypasses the sandbox security mechanisms, and works on Windows 7, 64 bits which has the data execution prevention (DEP) and address space layout randomisation (ASLR) security features.
VUPEN does not give any details on the exploits. They did not even share it with google, which is very unusual. and surprising. They say that they are sharing the exploits with their goverment customers. This is not clear whetther they meant that they are sharing the exploit or the vulnerability and the way to protect from. This means that there is out there a 0dayvunerability that allows to hack into your system just by visiting a malicious website.
1 Comment
|
AuthorDr. Tejeddine Mouelhi Archives
April 2020
Categories
All
|