Google Chrome Hacker Wins $60K at Pwnium

google-chrome-logoGoogle has updated its Chrome browser, fixing an issue that was first uncovered at the Pwnium browser hacking contest, which took place at the CanSecWest security conference in Vancouver this week.

Russian security researcher Sergey Glazunov won $60,000 for demonstrating his exploit, which was able to bypass Chrome’s sandbox, at the hackathon solely focused on Chrome hacks.

Under the rules of the competition, Glazunoy was able to claim the prize for demonstrating a full Chrome exploit on a fully-patched system. Google was willing to pay out a total of $1 million in the competition.

“Congratulations again to community member Sergey Glazunov for the first submission to Pwnium,” wrote Jason Kersey of Google’s Chrome team in a blog detailing the security update.

But Glazunoy is not the only hacker that has defeated Chrome’s feted security features.

Google’s Chrome was the first browser to fall at the annual browser hackathon, Pwn2Own, which is running in parallel with Pwnium. A security group from France, VuPen Security, demonstrated a sandbox exploit within five minutes of the competition’s start – though, by the end of the first day, teams had successfully demonstrated hacks against Internet Explorer, Safari, and Firefox.

Google had withdrawn its sponsorship for Pwn2Own and set up the rival competition after realizing it wouldn’t get the full details on some of the exploits being shown off at Pwn2Own.

Google won’t be able to patch the browser until it confirms how the exploit worked.

Meanwhile, the latest Chrome update also fixes issues with some Flash games and videos. 

This article was originally published on V3.

Related reading

How to lead SEO teams and track its performance effectively: Experts tips
SEO is a team sport: How brands and agencies organize work
How to pitch to top online publishers: 10 exclusive survey insights
search reports for ecommerce to pull now for Q4 plan