13 mars 2012
How Google set a trap for Pwn2Own exploit team
Summary: Here’s the story of how a unique signature was used to figure out if exploit writers would take aim at the Flash Player plugin in Google Chrome browser.
VANCOUVER — Last May, when security researchers from VUPEN posted this video to gloat aboutdemo a code execution exploit — and sandbox bypass — against the Google Chrome browser, the security response folks at Google took a close look and found enough evidence that the exploit actually hit the Chrome Flash Player plugin.
At the time, the two... [Lire la suite]