Google patches $60k Chrome hole in 10 hours

Google has fixed a hole with its Chrome browser that allowed a security researcher to escape the sandbox and execute code on a machine, earning the white hat hacker a $60,000 bounty.
Written by Ben Woods, Contributor

Google has fixed a hole in its Chrome browser that earned a white hat hacker $60,000 at the recent Pwnium 2 hacking contest.

The company released the fix for the vulnerability on Wednesday, around 10 hours after it was revealed at the Pwnium competition at 'Hack in the Box 2012' contest in Kuala Lumpur, Malaysia on Tuesday. The hacker — who goes by the name of 'pinkie pie' — found the vulnerability in the browser by combining two separate exploits, and netted a cool $60,000 for his discovery, as well as a free Chromebook.

"We're happy to confirm that we received a valid exploit from returning pwner, Pinkie Pie. This pwn relies on a WebKit Scalable Vector Graphics (SVG) compromise to exploit the renderer process and a second bug in the IPC layer to escape the Chrome sandbox," Chris Evans, a Chrome engineer, confirmed on the Chromium blog.

"Since this exploit depends entirely on bugs within Chrome to achieve code execution, it qualifies for our highest award level as a full Chrome exploit," he added.

In response to the disclosure, Google immediately got to work on patching the issue and put out a patched version of the browser less than half a day after the publication of the flaw.

This isn't Pinkie Pie's first success in breaking out of Google Chrome's sandbox; in March, he managed to combine six different exploits to break out of the sandbox and execute code. This hole was later patched with the release of Chrome 18.

Editorial standards