Google Plugs Chrome for Blackberry Pwn2own Vuln
Google may have saved $20,000 at Pwn2own, thanks to a flaw in RIM's Blackberry.
Google is updating its new Chrome 10 browser, just days after the browser hit its first stable release.
Chrome 10.0.648.133 fixes just one flaw, on Windows, Mac, Linux and Chrome Frame for IE. The flaw is known as CVE-2011-1290 and was first reported by HP TippingPoint's Zero Day Initiative, by way of a team of researchers at the 2011 Pwn2own event.
The National Vulnerability Database describes CVE-2011-1290 as an integer overflow in WebKit, as used on the Research in Motion (RIM) BlackBerry Torch 9800 with firmware 188.8.131.52. The flaw enables remote attackers to execute arbitrary code via unknown vectors. CVE-2011-1290 was demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann, who were specifically targeting Blackberry and not Chrome.
For its part, Google describes CVE-2011-1290 as a high-impact memory corruption flaw in style handling.
Chrome, Safari and Blackberry all use the WebKit rendering engine as an underlying technology on their respective platforms. Safari and Blackberry will both need to update their respective platforms to fix CVE-2011-1290 as well.
Last week, Apple issued a massive Safari update for at least 54 WebKit-related flaws to help defend against Pwn2own attacks. The Apple Safari 5.0.4 update, however, wasn't enough to prevent a team of researchers from VUPEN Security from exploiting the browser.
From a money perspective, Google had offered $20,000 as part of Pwn2own to researchers who could hack Chrome. That reward went unclaimed, as no security researchers exploited Chrome during the Pwn2own event.
Though Iozzo, Pinckaers and Weinmann did not claim the $20,000 reward for hacking Chrome at Pwn2own, Google is awarding the trio $1,337 for their efforts. The trio was also awarded $15,000 by Pwn2own organizers at HP TippingPoint for the successful exploit of Blackberry.
In addition to Google's Chrome, Mozilla's Firefox also emerged from Pwn2own unscathed. Unlike Chrome, Firefox does not use WebKit; it uses Mozilla's own Gecko platform, so flaws discovered in other browser platforms don't represent the same risk to it.
"Whew, Firefox survived #Pwn2own 2011. This is not a laurel we are resting on, but I'm still happy about it," said Brendan Eich, CTO of Mozilla. Eich noted that Firefox 4 will continue to be tightly secured by way of a technique known as frame poisoning. Frame poisoning, which first debuted in Firefox 3.6, is intended to help mitigate dangling pointer bugs.
Dangling pointer and use-after-free memory errors were specifically noted by Pwn2own organizer Aaron Portnoy, in an interview with InternetNews.com, as the most likely vector by which attackers would exploit browsers at Pwn2own.