It did not pass a day since Pwn2Own 2014 was vulnerable to Chrome Google and the company just updated its browser version, correcting vulnerability.
Google Chrome 33.0.1750.152 for Mac and Linux and 33.0.1750.154 for Windows fix bugs that allowed Pwn2Own contestants to violate Google's browser.
Researchers at the famous VUPEN were rewarded with $ 100.000 for executing code out of the sandbox and a use-after-free Blink bindings.
This vulnerability and others have been fixed with the new version of Chrome, and Google says it will continue to work with researchers to strengthen the better safety of its programs.
Vulnerabilities Corrected
Congratulations to VUPEN and an Anonymous submission for winning the Pwn2Own competition.
- [$ 100,000] [352369] Code execution outside sandbox. Credit to VUPEN.
- [$ 60,000] [352420] Code execution outside sandbox. Credit to Anonymous.
We should mention the immediate response time for patching the security holes from the company. Όλοι γνωρίζουμε ότι μέχρι να επιδιορθωθούν τα 0Day από την Microsoft για παράδειγμα γίνονται …. 1000Day.
You can download the new version here