It didn't manage to do it during the most recent Pwn2Own challenge, but VUPEN Security is now claiming that it has finally managed to hack Google's Chrome browser and crack its so-called "sandbox." According to the firm, the exploit relies on some newly discovered zero day vulnerabilities, works on all Windows operating systems (and only Windows, apparently), and could give malicious websites the ability to download code from a remote source and execute it on a user's computer -- the video after the break shows an example, in which the Windows Calculator application is downloaded and run automatically. For its part, Google says it has been unable to confirm the hack since VUPEN hasn't shared any details with it -- something the firm apparently doesn't plan to do, as it says it only shares its vulnerability research with its "government customers for defensive and offensive security."
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.