PDA

View Full Version : Microsoft Discloses Chrome Security Bugs, Turning the Table on Google



Teh One Who Knocks
04-20-2011, 03:44 PM
Microsoft kicked off its vulnerability disclosure policy for non-Microsoft products with two security reports covering products made by Google.
By Jon Brodkin, NetworkWorld


http://i.imgur.com/iaJko.jpg

Google has a habit of telling the world when it finds a security problem in Microsoft software. The officials in Redmond like to wring their hands and complain about Google putting Microsoft customers at risk, but eventually they just acknowledge the bugs and fix them as best they can.

But there's nothing stopping Microsoft researchers from poking through Google software and finding bugs of their own. And that's just what they're doing now, announcing a new vulnerability disclosure policy for non-Microsoft products, and kicking off the program with two security reports covering products made by none other than Google.

Both security reports affect the Chrome browser. Google likes to brag that its sandboxing method keeps users safer than they would otherwise be in Internet Explorer. But no browser is bullet-proof and Microsoft wants Web surfers to know that Chrome has problems of its own.

In the previous Google/Microsoft dustups, Microsoft has complained that Google didn't give enough warning to Microsoft before disclosing vulnerabilities publicly, while Google officials protested that they had given Microsoft plenty of time and that the company dragged its feet.

Microsoft is making it clear in its security reports that it discussed them with Google before going public, and in fact says that Google has already fixed the security bugs Microsoft is disclosing. Coputerworld reports that the security holes were fixed by late last year, and a Google spokesperson tells me via e-mail "these issues are actually quite old" and were covered in Google announcements in September and December.

So from that perspective, the bug reports don't seem all that groundbreaking. But on to the specific Chrome problems. Microsoft's new bug report MSVR11-002 says the "HTML5 implementation in Chrome and Opera could allow information disclosure."

"An information disclosure vulnerability exists in the implementation of HTML5 in these Web browsers [Chrome and Opera]," Microsoft says. "Specifically, as the World Wide Web Consortium (W3C) describes in the HTML5 specification for security with canvas elements, information leakage can occur if scripts from one origin can access information from another origin."

The other bug report says a vulnerability in Chrome "could allow sandboxed remote code execution."

"A sandboxed remote code execution vulnerability exists in the way that Google Chrome attempts to reference memory that has been freed," Microsoft said. "An attacker could exploit the vulnerability to cause the browser to become unresponsive and/or exit unexpectedly, allowing an attacker to run arbitrary code within the Google Chrome Sandbox. The Google Chrome Sandbox is read and write isolated from the local file system which limits an attacker."

There are limitations to both of these threats. The HTML5 vulnerability for example, requires attackers to "possess the IP address of the network resource that contains the private information." And in the case of the sandboxing risk, "Successful exploitation of this vulnerability does not allow for code to run outside of the Google Chrome Sandbox, which is read and write isolated from the local file system, although other attacks may be possible."

These are just the first bug reports affecting third-party software we're seeing from Microsoft, so it will be interesting to see which other vendors might fall in Microsoft's cross-hairs.

But Microsoft is proceeding cautiously. Google researchers on occasion seem to act alone, with no involvement from higher-ups. But Microsoft is dictating standards to its employees for how they can report vulnerabilities, and waiting until the bugs are fixed before disclosing them publicly, at least in these first examples. Still, a shift is evident. After years of being put on the defensive by security researchers pointing out holes in Microsoft software, the hunted has become the hunter.

PorkChopSandwiches
04-20-2011, 03:54 PM
Grasping at straws

Teh One Who Knocks
04-20-2011, 03:56 PM
I think it's funny...if I was running Microsoft I would have had my programmers doing this a long time ago. Everyone tries to gang up on MS by finding security flaws in their software, so I'd be doing the same to everyone that makes software that runs on Windows.

PorkChopSandwiches
04-20-2011, 04:14 PM
It is funny, but that's what happens when you're the top dog. Same reason you dont see viruses developed for Apple, Apple fans will try to tell you its because Apple is so fucking fantastic its immune to viruses. The reality is, they have less then a 5% market share compared to a PC. So why would anyone bother :) You got to go after the top dog for maximum results.

Teh One Who Knocks
04-20-2011, 04:20 PM
Oh I agree with you 100%....if people really wanted to go after Apple, there would be just as many viruses for it as there are for Windows. The fanboys just don't wanna believe it because they are in love with crApple :lol:

PorkChopSandwiches
04-20-2011, 04:32 PM
Yessirre, look at this shit

http://tehbasement.com/showthread.php?4687-iPhone-Keeps-Record-of-Everywhere-You-Go&p=66257#post66257

Pony
04-21-2011, 09:53 AM
It is funny, but that's what happens when you're the top dog. Same reason you dont see viruses developed for Apple, Apple fans will try to tell you its because Apple is so fucking fantastic its immune to viruses. The reality is, they have less then a 5% market share compared to a PC. So why would anyone bother :) You got to go after the top dog for maximum results.

That and there isn't nearly as much third party software for Apple products. They don't want you installing any non-apple apps on their devices. Fact is at the hacker convention every year Mac is always the first system to be compromised, usually in less than a couple minutes.

Goofy
04-21-2011, 05:46 PM
I bought an apple today........... it was quite tasty :)