Google Details Pinkie Pie's Exploit That Brought Chrome to Its Knees

A more thorough explanation is due once everyone's updated Chrome

Google has more details on the exploit that brought Chrome to its knees once again during the Pwnium 2 contest. The teenage hacker known as Pinkie Pie managed to snatch the grand prize of $60,000 for the second time. His was the only entry in the contest.

But Google has confirmed that the exploit used only Chrome bugs so it was eligible for the largest award.

Google explained that the exploit used two main bugs, one in WebKit and one in the IPC (inter-process communication) layer to get out of the Chrome sandbox.

"This pwn relies on a WebKit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox," Google's Chris Evans explained.

Just 10 hours after Pwnium 2 ended, Chrome was already updated and the bugs that allowed the exploit fixed.


Pwnium 2 (2 Images)

Gallery Image
Gallery Image

Hot right now  ·  Latest news