Google’s Trap for Chrome Exploit Writers Leads to Crashes for Users - rogersocke2001
A limitation recently built into Google Chrome to detect and block Flash Player exploits ended up breaking certain Flash-based applications and games for some users.
Suspecting that someone would try to hack Chrome via a Flash exploit at this year's Pwn2Own contest, the browser's developers decided to restrict the maximum allowed size of Flash JIT (just-in-time) pages to a value that such exploits would likely exceed.
The restriction was written in such a way that when the new limit was reached the browser would throw an "access violation" exception that referenced memory address "0xABAD1DEA," a hex value spelling out "a bad idea."
According to Chrome's development tracker, the limit was introduced on February 23 and was first tried out in the browser's Canary (nightly build) version. The limit was later tweaked because of a considerable number of crash reports and landed in Chrome stable version 17.0.963.66 on March 6.
Both of the Pwn2Own contestants did stumble over the Flash JIT page limitation. Nicolas Joly, a member of the VUPEN Security team, which eventually won the hacking contest, said on Twitter that he encountered 0xABAD1DEA exceptions during his tests.
Google Chrome security engineer Justin Schuh revealed that he was the one who put it there in order to detect Flash exploits. "0xABAD1DEA was a breadcrumb I added that's unique to Flash," he said on Twitter.
Schuh later clarified that it wasn't just a trap, but also a mitigation, although he admitted that it was a weak one. The VUPEN team eventually managed to work their way around the restriction and hacked Chrome during the competition.
However, Google's half-mitigation, half-trap code caused more problems than it solved, because it ended up interfering with the normal operation of some legitimate Flash-based applications and games, like Sims Social, Audiotool and Paychex Online.
According to reports on the Google Chrome support forum, users started experiencing Flash Player crashes referencing 0xABAD1DEA after they upgraded to Chrome version 17.0.963.66.
Changes aimed at addressing the problem were made in Chrome version 17.0.963.79, which was released on Saturday, a Google employee said in response to the reports. However, some users still experienced 0xABAD1DEA-related crashes after upgrading to it.
Source: https://www.pcworld.com/article/468998/googles_trap_for_chrome_exploit_writers_leads_to_crashes_for_users.html
Posted by: rogersocke2001.blogspot.com