Showing how they can bypass security measures of fully patched versions of Chrome and Windows, researchers have won a prize of $100,000 at the Pwn2Own contest, which takes place in Vancouver. According to the researcher, for exploit to occur, it is enough to visit websites with malicious code that exploits the flaw that allows it to execute code in an isolated Chrome process to generate the pages, and then exploit the flaw in the kernel of Windows 7, in order to gain more powers and perform arbitrary commands on the user's machine.

MWR Labs has not released details of how they used this flaw in Windows 7, but it was decided to first share it with Microsoft so they have enough time for a proper patch.

Tell us what you think about this in our Forum