Vupen Security and Sergey Glazunov independently managed to penetrate Google Chrome’s security defenses at the Pwn2Own and ‘Pwnium’ contests respectively.
Pwn2Own is an annual computer hacking contest held in March in Vancouver, Canada. Security professionals try to find previously unknown vulnerabilities in software (so-called zero-day vulnerabilities and their exploits) and use them to gain control over the target system. Winners receive a cash prize (in the thousands of dollars) and get to take home the system they’ve hacked.
This year Google also organised an independent competition of the same nature hosted at the exact same location, dubbed “Pwnium” (“Pwn” is slang for hack).
Google’s Chrome browser has had an outstanding security record thanks to Google’s continuous attention and its support for the browser’s open source developers. The browser hadn’t been compromised by a zero-day attack at the contest since it launched, which is a pretty big thing, considering that Firefox, Internet Explorer (IE) and Safari get hacked every year.
The security researchers had to perform a complicated hack to break through Chrome’s sandbox, which is like a virtual container that prevents web content from interacting with vulnerable parts of the operating system.
Google went to work immediately and has managed to fix the vulnerability. The details will be revealed only after the company believes a significant number of people have updated their browsers.
IE 9 on Windows 7 was also hacked, again through a complicated hack that had to circumvent the browser’s sandbox. Microsoft, however, may not respond so rapidly, as its quality testing procedure usually takes a few months to fix bugs like these.
Safari on Mac OS X Snow Leopard, along with Firefox and IE 8 on Windows XP, was also hacked.
While the contestants, software companies and event organisers (TippingPoint and Google) usually remain tight-lipped about the discovered vulnerabilities till they’re fixed, current speculation is that one of the Chrome vulnerabilities relates to the Adobe Flash plug-in, while the other one and the IE 9 bug relate to the native browser code, not a third-party plug-in.