What is it?
Various vulnerabilities and weaknesses in Google Chrome
, which were successfully combined into two separate exploits and demonstrated to execute code outside the sandbox.How does it work?
The first exploit by a skilled Chrome researcher, Sergey Glazunov, combined a universal cross-site scripting vulnerability with a weakness in history navigation to execute code. The second, by a researcher using the handle “PinkiePie,” combined three separate vulnerabilities related to plug-in loading and corruption of GPU process memory.
Should I be worried?
As these exploits successfully combined multiple vulnerabilities to execute code, users should definitely be careful.
How can I prevent it?
Any system running a version of Chrome older than version 17.0.963.79 should be updated to protect against the vulnerabilities. As Chrome automatically updates to the latest version by default, most systems should already