It did not pass a day since Pwn2Own 2014 was vulnerable to Chrome Google and the company just updated its browser version, correcting vulnerability.
Google Chrome 33.0.1750.152 for Mac and Linux and the version 33.0.1750.154 for Windows fix the errorτα που επέτρεψαν στους διαγωνιζόμνους του Pwn2Own να παραβιάσουν το πρόγραμμα περιήγησης της Google.
The researchers of the famous VUPEN were rewarded with $100.000 for running code outside the sandbox and a use-after-free on Blink bindings.
This vulnerability and others have been fixed with the new version of Chrome, and Google says it will continue to work with researchers to strengthen the better safety of its programs.
Vulnerabilities Corrected
Congratulations to VUPEN and an Anonymous submission for the Pwn2Own competition.
- [$ 100,000] [352369] Code execution outside sandbox. Credit to VUPEN.
- [$ 60,000] [352420] Code execution outside sandbox. Credit to Anonymous.
Θα πρέπει να αναφέρουμε τον άμεσο χρόνο αντίδρασης για την επιδιόρθωση των κενών ασφαλειας από την εταιρεία. Όλοι γνωρίζουμε ότι μέχρι να επιδιορθωθούν τα 0Day από την Microsoft for example they become ... 1000 Days.
You can download the new version here