The Latest in IT Security

Chrome hacked


Google Chrome LogoBad news for Chrome users: The security researchers of the security service provider Vupen managed to abuse a currently unknown and non-published security vulnerability in the web browser and to bypass all further security mechanisms like the Chrome sandbox, ASLR and DEP – just by visiting a specially prepared website. In effect they silently could download and start any program without crashing Chrome, with medium integrity level (thus no driver installation on system level possible, but malware doesn’t need that necessarily).

According to the news release, Vupen discloses this information only to their governmental customers. They don’t state whether they informed the Google developers, too, so they could fix the issue. As details of the attack aren’t public, Chrome users don’t need to panic. But a new Chrome version may be out very soon.

Dirk Knop
Technical Editor

Leave a reply


MONDAY, MARCH 19, 2018



Latest Comments

Social Networks