Google Chrome, the browser that has held its head high for the last four years on a hacking competition, where browsers like Internet Explorer 7 got hacked in two minutes. The competition is an organized one where other browsers too are subjected, and Chrome was the only browser that was able to survive the assault from hackers. Google Chrome’s security features were bypassed successfully by hackers in both Pwn2Own and Pwnium.
Pwn2Own was held by HP and a group of hackers from French security firm VUPEN, lead by its co-founder and head of research Chaouki Bekrar, managed to take complete control of a fully patched 64-bit Windows 7(SP1) machine within five minutes by using two zero-day exploits. The group also claims to have zero-day exploits for Internet Explorer, Firefox, and Safari.
Google runs Pwnium and the money that can be won for your evil know-how comes from a pool of $1 million. Sergey Glazunov, a Russian university student, managed to bypass Google Chrome’s sandbox feature in Pwnium. The hacker has been awarded with a sum of $60,000.
“Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing”. – Chromium blog.
We hope Google along with other developers learn from the existing loopholes and they patch the stuff.