Thursday, March 8, 2012

'Chrome' Exploit Windows-Only? Another Flash bug?

The headlining Pwn2Own crack suggests Chrome was cracked within a few hours of the contest's open. But was Chrome cracked at all? Just as purported Safari cracks historically included what amounted to cracks of Adobe Flash, it seems this new crack is a Windows 7 exploit, functional on 32-bit and 64-bit Windows 7 with Flash installed, but not otherwise accessible.

The real culprit may be the incomplete sandboxing of Flash under current versions of Chrome.

No comments: