How Google set a trap for Pwn2Own exploit team
Summary: Here’s the story of how a unique signature was used to figure out if exploit writers would take aim at the Flash Player plugin in Google Chrome browser.
VANCOUVER — Last May, when security researchers from VUPEN posted this video to gloat aboutdemo a code execution exploit — and sandbox bypass — against the Google Chrome browser, the security response folks at Google took a close look and found enough evidence that the exploit actually hit the Chrome Flash Player plugin.
At the time, the two companies publicly sparred over the origin of the vulnerability with Google intent on making the distinction that the faulty code was supplied by Adobe and VUPEN insisting that it didn’t matter because the exploit worked against the browser’s default installation.
--> Please see the rest on the site : http://www.zdnet.com/blog/security/how-google-set-a-trap-for-pwn2own-exploit-team/10641