Pinkie Pie's $60,000 Vulnerability Patched in Chrome OS as Well

The bugs that enabled Pinkie Pie to win Pwnium 2 have been fixed

Chrome wasted no time in patching the Chrome OS version of the browser that was also vulnerable to the exploit showcased by hacker Pinkie Pie during the Pwnium 2 contest recently, the same exploit that netted him $60,000, EUR46,540

Less than 10 hours after the contest ended, Google issued a Chrome update fixing the bugs that enabled the exploit.

A short while later, the Chrome OS version of the browser has been updated as well, fixing the same two bugs, one memory use-after-free vulnerability in the SVG implementation in WebKit and another bug in the inter-process communication module that enables Chrome processes that share data safely.

The update should be rolling out to all users. They're in no real danger during that time, the vulnerability is unlikely to have been discovered by other hackers.

What's more, the details that Google has provided so far probably weren't enough for other researchers to duplicate the exploit or come up with a similar one.

Hot right now  ·  Latest news