French security company Vupen says that it has hacked Google Chrome, sidestepping the browser’s built-in “sandbox” and also evading Windows 7’s integrated anti-exploit technologies. The claims have not yet been confirmed by the vendors.
According to Vupen’s blog, the exploit is one of the most sophisticated pieces of code the company has created so far. It can be served from a malicious Web site: if a Chrome user surfs to that site, the exploit executes several payloads that download an executable from a remote location and launch it outside the sandbox at “Medium integrity level”. It is silent (no crash after the payload executes), it relies on undisclosed (“zero-day”) vulnerabilities, and it works on all Windows systems.
Vupen posted a video demonstration of its exploit on YouTube. That is what I call “fugly”. I hope that Vupen keeps this code wrapped up tightly until both Microsoft and Google have had a crack at patching against it.