VUPEN Security has announced the discovery of a vulnerability in Google’s Chrome browser software.
Google Chrome has survived assaults at the Pwn2Own contest for the last three years. Now, French security firm VUPEN says it is unhappy to announce that it has officially “Pwned” Google Chrome and its protective Sandbox measures.
VUPEN uploaded a video of the browser exploit in action which bypasses all security features including ASLR/DEP/Sandbox, without exploiting a Windows kernel vulnerability. It works on all Windows systems and with the latest versions of the Chrome browser.
In the video, a web page is loaded displaying just a text message - “Your browser is being Pwned!” - and after a few seconds of inactivity (and without a visible crash in Chrome), the Windows Calculator application runs. According to the VUPEN write-up, the calculator executable is downloaded and executed.
At Pwn2Own in March this year, VUPEN successfully attacked Safari in much the same way. A specially crafted web page was loaded and several seconds later, the Mac OS X calculator application was launched and a file was written to the hard drive to demonstrate that the Sandbox had been compromised.
For obvious reasons, the write-up does not disclose technical information on the exploit, saying only that it is one of the most sophisticated codes they have used so far.
Filed in 2008 and granted by the U.S. Patent & Trademark Office this week, Apple has been awarded a patent for filtering text message content.
The patent is titled “Text-based communication control for personal communication device.”
It is unclear whether the patent will ever find its way into an iOS product but it seems Apple’s intention is to cut down on “offensive” texts sent from consumers using Apple devices.
Reads the patent: “One problem with text-based communications is that there is no way to monitor and control text communications to make them user appropriate. For example, users such as children may send or receive messages (intentionally or not) with parentally objectionable language.”
Additionally, the patent proposes a way to encourage better grammar in texts. The filtering system cannot really work without proper grammar, as many phone users write in shorthand or use words that may not necessarily be in a dictionary, like “LOL.”
Apple’s patent would disallow the use of non-dictionary words.
Earlier this week a company called Lookout showed how several Android wallpaper apps were accessing user information, including phone number, subscriber identification, voicemail password, browsing history, text messages & the phone’s SIM card number.
The claims were made during a presentation at this week’s Black Hat security conference in Las Vegas.
In a number of interviews since then the developer, Jackeey Wu, has released a statement denying most of these claims and Lookout has since agreed that only the phone number, subscriber identification & voicemail password (when stored on the phone) were accessed and sent to Wu’s server in China.
Wu stated, “I collected the screen size to return more suitable wallpaper for the phone. More and more users emailed me telling that they love my wallpaper apps so much, because that even “Background” can’t well suited the phone’s screen. I also collected device id, phone number and subscriber id, it has no relationship with user data. There are few apps in Android market has the favorites feature. Many users suggest that I should provide the feature so I use these to identify the device, so they can favorite the wallpapers more conveniently, and resume his favorites after system resetting or changing the phone.”
He also included a screenshot from installing one of the apps, showing the permissions used. You can read the entire statement below.
Lookout’s clarification on their website says, “While the data this app is accessing is certainly suspicious coming from a wallpaper app, we want to be clear that there is no evidence of malicious behavior. There have been cases in the past where applications are simply a little overzealous in their data gathering practices, but not because of any ill intent.”