Security News #0x24: Pink(ie) Pie Pwn(ium)
- Last week we mentioned the security of browsers. This past week at a conference in Malaysia, a teenager known as Pinkie Pie successfully compromised a fully patched Chrome Browser, earning $60,000 in the process. Google patched the vulnerabilities 12 hours later. The vulnerability, CVE 2012-5112, was in the way Chrome handled SVG graphic elements.
- Juan Miguel Paredes has a nice piece on windows privilege escalation via DACLs.
- Still no more exploits that work on televisions, but here is a Metasploit exploit for Metasploit. I wonder if it is exploitable. Nah- that would be silly.