Insecurity experts at Vupen have discovered that hackers have got into Google Chrome and its sandbox.
According to the video below, the exploit is one of the most sophisticated pieces of code, as it bypasses all security features, including ASLR, DEP and the sandbox.
There is no crash after the payload is executed, so the user is completely oblivious to the fact they have been hacked. The code relies on undisclosed zero-day vulnerabilities discovered by Vupen and it works on all Windows systems.
Under the attack scenario, the user is tricked into visiting a specially crafted web page hosting the exploit, which will execute various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox.
Chrome has a reputation for having one of the most secure sandboxes and has survived the Pwn2Own contest in each of the last three years.
Now it seems that Vupen has uncovered a reliable way to execute arbitrary code on any installation of Chrome despite its sandbox, ASLR and DEP.
Vupen has told Google and will only share details of the hack with its government customers as part of its vulnerability research services. So the rest of you should be very careful about what you open in Chrome.