Skip to main content

Google patches $60k Chrome hole in 10 hours

posted onOctober 15, 2012
by l33tdawg

Google has fixed a hole in its Chrome browser that earned a white hat hacker $60,000 at the recent Pwnium 2 hacking contest.

The company released the fix for the vulnerability on Wednesday, around 10 hours after it was revealed at the Pwnium competition at 'Hack in the Box 2012' contest in Kuala Lumpur, Malaysia on Tuesday. The hacker — who goes by the name of 'pinkie pie' — found the vulnerability in the browser by combining two separate exploits, and netted a cool $60,000 for his discovery, as well as a free Chromebook.

"We're happy to confirm that we received a valid exploit from returning pwner, Pinkie Pie. This pwn relies on a WebKit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox," Chris Evans, a Chrome engineer, confirmed on the Chromium blog.

Source

Tags

Google Chrome Security HITB HITB2012KUL

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th