Showing how they can bypass security measures of fully patched versions of Chrome and Windows, researchers have won a prize of $100,000 at the Pwn2Own contest, which takes place in Vancouver. According to the researcher, for exploit to occur, it is enough to visit websites with malicious code that exploits the flaw that allows it to execute code in an isolated Chrome process to generate the pages, and then exploit the flaw in the kernel of Windows 7, in order to gain more powers and perform arbitrary commands on the user's machine.
MWR Labs has not released details of how they used this flaw in Windows 7, but it was decided to first share it with Microsoft so they have enough time for a proper patch.
Tell us what you think about this in our Forum
Reading time is around minutes.
Researchers from the firm MWR Labs found a way to exploit vulnerabilities in Chrome, and how to bypass the security mechanisms in Windows 7, which enabled them to perform arbitrary actions on the victim's computer.
