There seems some issues with Google’s malware detection functionality at the moment, as Chrome and Firefox are warning users against the TwitPic.com.
With access to all the data on all websites, this extension asks users to participate in certain surveys before they can use the features.
Security researcher Ucha Gobejishvili claims to exploit Google Chrome. Gobejishvili is set to present his Google Chrome 0-day exploit tomorrow at the MalCon.
Google Chrome team has decided to implement a similar feature in Chrome, which although allows installation of external extensions, but disables them by default. Users are notified about this change, and prompted to enable or uninstall such extensions.
Google has announced to double the cash reward for the next Pwnium contest to be held in October. This year, Google will award up to $2 million for different levels of exploits involving Chrome and other applications.
VUPEN team has successfully compromised Chrome in Pwn2Own 2012. They hacked Chrome in the first five minutes of the contest by using an exploit bypassing DEP/ASLR and the much-hyped sandbox feature of Chrome.
It seems that the hackers would have a tough challenge at Pwn2Own 2012 for winning the reward of $1 million for hacking Google Chrome. Just before the event, Google has shipped an update for the stable version of Chrome, v17.0.963.65, which fixes 14 high-risk bugs.
Google Chrome team has taken a very important step towards enhancing the security of extensions and apps by enabling the Content-Security-Policy (CSP) by default. This means that the extensions would have to follow strict guidelines for resources, which would prevent 96% vulnerabilities found in Chrome’s extension system.
Google has announced rewards for exploiting Chrome in Pwn2Own contest this year. The winners will get rewards worth USD 1 million and chromebooks for hacking and discovering bugs in Chrome, WebKit, Flash and other related stuff.
Google Chrome team has announced to expand its Security Rewards Program, which will now cover the Chrome OS as well. The Security Rewards Program is a bug bounty program for reporting bugs present in Chromium.