‫ Google patches rare critical vulnerability in Chrome

ID: IRCNE2012031429
Date: 2012-03-10
 
According to "computerworld", Google has patched a critical Chrome vulnerability disclosed Wednesday at the CanSecWest security conference in Vancouver that can be exploited to escape from a browser's secure sandbox.
Russian security researcher Sergey Glazunov demonstrated a remote code-execution (RCE) exploit against a fully patched version of Chrome on Windows 7 as part of Google's Pwnium contest held at the conference.
Glazunov's exploit leveraged two Chrome vulnerabilities -- one that allows the execution of arbitrary code and one that bypasses the browser's much-touted security sandbox, which normally restricts such exploits.
Both vulnerabilities leveraged by Glazunov's exploit were fixed in Google Chrome 17.0.963.78, which was released on Thursday.
Because of the Chrome's auto-update feature, users just need to restart their browsers in order to deploy the security fix. Organizations can deploy the important update by using the Google Update for enterprise policy.
 
Related link:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 20 اسفند 1390

دسته‌ها

امتیاز

امتیاز شما
تعداد امتیازها:0