Investigators from VUPEN a pen-testing company in France claim that they've successfully infiltrated the Chrome Web-browser of Google that otherwise is regarded as highly safe for use.
Actually the investigators state that after creating one exploit, which they inserted into primary defenses incorporated inside Chrome, they managed to effectively plant malicious software onto users' computers.
Meanwhile during the attack, 2 different attack codes were used that helped to evade the security defenses comprising ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention) as well as a 'sandbox' created for making browser functions and basic operations of OS separate. Hitherto, more-or-less a small number of exploits have been reported which can pierce through the sandbox that has therefore enabled the browser to come up unharmed when the yearly Pwn2Own hacker contest was held over 3 consecutive years.
...
