Pwn2Own saw the Google Chrome browser fall for the first time in public, and over at the CanSecWest security conference , the very same browser has also been exploited by a brilliant community member known as Sergey Glaznov, who claims bragging rights (as well as a cool $60,000, of course). The Chrome Stable channel has been updated to 17.0.963.78 on Windows, Mac, Linux and Chrome Frame, where issues concerning Flash games and videos has been fixed, but the first submission to Pwnium by Sergey Glaznov has netted him $60,000 in the process, and Google announced it as the following.
[Ch-ch-ch-ch-ching!!! $60,000] [117226] [117230] Critical CVE-2011-3046: UXSS and bad history navigation. Credit to Sergey Glazunov.
It will definitely take some time before future security updates will include the loophole spotted, but at least we do know that the Chrome browser itself is not infallible, and Google has definitely dangled an attractive enough carrot to make sure their browser ends up being more secure.
. Read more about