Google, VUPEN Spar Over Chrome Hack
Source: Dark Reading - Posted by Dave Wreski   
Security If bypass of Chrome's sandbox indeed used a new Flash vulnerability in the browser, then it's both a Flash bug and a Chrome hack, says security researcher Dan Kaminksy. The Google Chrome browser hack revealed this week could come down to a dispute over third-party software: A Google security expert says a zero-day flaw discovered by VUPEN Security researchers to bypass the browser's sandbox actually lies in Adobe Flash. But VUPEN isn't budging on its claims that its researchers successfully "owned" the browser software itself.

But for now, only VUPEN and its "three-letter" government agency customers know the details about the two zero-day vulnerabilities that VUPEN says it exploited and successfully used to bypass Chrome's sandbox and other security features.

Read this full article at Dark Reading

Only registered users can write comments.
Please login or register.

Powered by AkoComment!