![]() This exploit doesn't quite make that illustrious roster. Sandboxing prevents malicious processes in a browser from escaping out into the surrounding operating system, and sandbox "escapes" are desired achievements in hacking. ![]() Stay in your sandbox, kidĪs with the previous "zero-day," there's a catch with this one: The targeted browser has to have its sandboxing turned off. ![]() The version of Chrome released yesterday patches that flaw. This comes two days after a different Twitter user posted a different Chrome flaw, although he dialed back the "zero-day" label after it emerged that he'd figured out a hack that had won at the Pwn2Own contest (opens in new tab)last week. Other Chromium-derived desktop browsers, such as Brave, Opera and Vivaldi are also at risk. Tom's Guide can confirm that the proof-of-concept hack does indeed work in a fully patched version of Microsoft Edge, although we weren't able to get it to work in Chrome. This new vulnerability is deemed a "zero day" flaw because the software developers, in this case the Google staffers and volunteers working on the open-source Chromium project, had "zero days" to fix it before exploits began to appear "in the wild."
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |