Tag Archives: Chrome Vulnerabilities

Chrome Disables Third-party Bundled Extensions by Default

Google Chrome team has decided to implement a similar feature in Chrome, which although allows installation of external extensions, but disables them by default. Users are notified about this change, and prompted to enable or uninstall such extensions.

Google Doubles Reward for Pwnium

Google has announced to double the cash reward for the next Pwnium contest to be held in October. This year, Google will award up to $2 million for different levels of exploits involving Chrome and other applications.

Chrome Pwned in Pwn2Own 2012 By VUPEN

VUPEN team has successfully compromised Chrome in Pwn2Own 2012. They hacked Chrome in the first five minutes of the contest by using an exploit bypassing DEP/ASLR and the much-hyped sandbox feature of Chrome.

Chrome Patches 14 High-risk Bugs Before Pwn2Own 2012

It seems that the hackers would have a tough challenge at Pwn2Own 2012 for winning the reward of $1 million for hacking Google Chrome. Just before the event, Google has shipped an update for the stable version of Chrome, v17.0.963.65, which fixes 14 high-risk bugs.

Chrome Enables Content Security Policy For Extensions

Google Chrome team has taken a very important step towards enhancing the security of extensions and apps by enabling the Content-Security-Policy (CSP) by default. This means that the extensions would have to follow strict guidelines for resources, which would prevent 96% vulnerabilities found in Chrome’s extension system.

Google Expands Chromium Security Rewards Program

Google Chrome team has announced to expand its Security Rewards Program, which will now cover the Chrome OS as well. The Security Rewards Program is a bug bounty program for reporting bugs present in Chromium.