(The Hosting News) – Earlier today, Google released an emergency security update for Chrome that patched critical vulnerabilities in the software.
The exploits were found during the annual Mobile Pwn2Own competition held this past Wednesday and Thursday in Tokyo.
PcWorld reported that a researcher by the alias name of Pinkie Pie found the vulnerability in Chrome by using the Samsung Galaxy S4 and Nexus 4. By finding this vulnerability, Pinkie “chained together an integer overflow vulnerability and a sandbox escape one.”
In order for the attack to be successful, the user must visit a website that contains the security hole. Once opened in Chrome, the “attack executed without any other user interaction and allows arbitrary code execution on the operation system,” continues the report from PcWorld.
The researcher was awarded a total of $50,000 for his success in the competition. Mobile Pwn2Own granted $40,000 of the reward, while the rest was a bonus from Google’s Chrome Security Team for hacking the software on a Nexus 4 and Samsung Galaxy S4.
This wasn’t the first time Pinkie has hacked into Google’s software. In 2012, as part of Google’s Pwnium contest, the researcher hacked into Chrome’s sandbox app twice.
The tech giant released patch updates just hours after the vulnerability was found.