Chrome Security Is No Longer a Myth: Sandbox Breached




Hi everyone,

We are (un)happy to announce that we have officially Pwnd Google Chrome and its sandbox. 

The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it is silent (no crash after executing the payload), it relies on undisclosed (0day) vulnerabilities discovered by VUPEN and it works on all Windows systems (32-bit and x64).

The video shows the exploit in action with Google Chrome v11.0.696.65 on Microsoft Windows 7 SP1 (x64). The user is tricked into visiting a specially crafted web page hosting the exploit which will execute various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox at Medium integrity level.

While Chrome has one of the most secure sandboxes and has always survived the Pwn2Own contest during the last three years, we have now uncovered a reliable way to execute arbitrary code on any installation of Chrome despite its sandbox, ASLR and DEP.

This code and the technical details of the underlying vulnerabilities will not be publicly disclosed. They are shared exclusively with our Government customers as part of our vulnerability research services.




Editor: Zhang Hao. Source: cnBeta
