The Latest in IT Security

Chrome hacked


Google Chrome LogoBad news for Chrome users: The security researchers of the security service provider Vupen managed to abuse a currently unknown and non-published security vulnerability in the web browser and to bypass all further security mechanisms like the Chrome sandbox, ASLR and DEP – just by visiting a specially prepared website. In effect they silently could download and start any program without crashing Chrome, with medium integrity level (thus no driver installation on system level possible, but malware doesn’t need that necessarily).

According to the news release, Vupen discloses this information only to their governmental customers. They don’t state whether they informed the Google developers, too, so they could fix the issue. As details of the attack aren’t public, Chrome users don’t need to panic. But a new Chrome version may be out very soon.

Dirk Knop
Technical Editor

Leave a reply


THURSDAY, MAY 28, 2020

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments