Google Chrome Updates Available - just in time for Pwn2Own

Published: 2011-03-09
Last Updated: 2011-03-09 20:07:16 UTC
by Kevin Shortt (Version: 1)
2 comment(s)

The Pwn2Own contest by HP Tipping Point held at CanSecWest each year has a new sponsor this year. Google.

Google has offered up a bounty for breaking into Google Chrome.  As a seemingly direct defensive measure to prevent a big pay out, Google has published updates the day before the competition kicks off that fix numerous problems.

Yesterday, Google published 23 updates for the Chrome browser.  15 of them were rated high by Google.  So get those browers patched!

       http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html

The nice part is Credit and Cash go to the individuals that report and assist with patch development.

--
Kevin Shortt
ISC Handler on Duty

Keywords: Chrome
2 comment(s)

Comments

Haven't the browsers already been frozen for the contest? If so, doesn't releasing updates just give people something to reverse engineer to get new exploits (not that they need it)?
The timing is definitely suggestive of something. If it's true that browser versions have been frozen already for the contest, then maybe Google wanted to patch a vulnerability that they've discovered someone intends to use tomorrow.

It's a fair bet that Google would know such a thing, what with their tentacles crawling most of the web and social networks, extensive mailing list and newsgroup archives, access to private emails sent to or from any gmail user or even illegal wifi sniffing activities.

Being able to say "but it's okay, we patched it yesterday" would give their PR people a reasonable comeback if they get 'owned' at a competition they've created lots of hype over this year, in a bid to gain more users of their usage-tracking web browser.

Diary Archives