0-Day exploit bypasses Chrome sandbox

Discussion in 'Security and Anti-Virus Software' started by Hungry Man, May 9, 2011.

Thread Status:
Not open for further replies.
  1. sarge_ (Notebook Deity)
    I wonder how many gems like this are not public.
     
  2. Hungry Man (Notebook Virtuoso)
    Probably not a lot. In fact probably none. You can make a lot more money by selling these than somehow hoarding them for yourself.
     
  3. ikovac (Cooler and faster... NBR Reviewer)
    I think a system should have protection layers set like this:
    1. Edit: blacklisting (useless for 0-day exploits, but good and fast for known malware)
    2. Sandbox (give me a chance to react and decide - but the way Comodo does it - everything is untrusted despite signatures and trusted installers)
    3. HIPS (something is rotten in the system - let me investigate)

    So if the sandbox failed, HIPS should catch it and stop it.

    If HIPS failed, then the cleaning tools come in (CCE, MBAM and other heavy guns).

    If that failed - reformat the disk :).

    So if the Chrome sandbox was breached, either some other sandbox or HIPS should catch it.
     
  4. Baserk (Notebook user)
    Exactly that is being discussed (on Chrome) at the WildersSecurity forum; link
     
  5. Pirx (Notebook Virtuoso)
    Looks like you mean blacklisting, not whitelisting. Whitelisting would work perfectly fine for any known or unknown threats, but it is usually considered too cumbersome in practical use.
     
  6. ikovac (Cooler and faster... NBR Reviewer)
    Thanks - blacklisting was what I meant. I must be a negative man :eek:
     
  7. trvelbug (Notebook Virtuoso)
    I just updated my Chrome to 11.696.68.
    Don't know if that fixes this exploit, though.
     
  8. davepermen (Notebook Nobel Laureate)
    Big failure of Google: they state it's not a Chrome exploit, as they used Flash.

    Does that matter? It's software I downloaded from Google, called Chrome, and it has, bundled with it, a special from-them verified version of Flash with a special sandbox handling it. So it's still their problem.
     
  9. Hungry Man (Notebook Virtuoso)
    Do you have a link?

    I'm not surprised that it's Flash, and while I understand that it's not Google's product, I do agree with you.
     
  10. Hungry Man (Notebook Virtuoso)
    An interesting article on the subject:
    Chrome Hack Denied By Google Engineers

    It is in fact a Flash exploit. Naturally the Google engineers are a bit peeved.

    Vupen was making it out to be a flaw in Chrome's code, but the fact is this was a Flash issue and a Flash sandbox issue.
     