{"id":234128,"date":"2017-10-23T09:58:56","date_gmt":"2017-10-23T07:58:56","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=234128"},"modified":"2017-10-23T10:00:40","modified_gmt":"2017-10-23T08:00:40","slug":"microsoft-nails-google-over-chrome-security","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/234128-microsoft-nails-google-over-chrome-security.html","title":{"rendered":"Microsoft nails Google over Chrome security"},"content":{"rendered":"<p>Microsoft has <a href=\"https:\/\/blogs.technet.microsoft.com\/mmpc\/2017\/10\/18\/browser-security-beyond-sandboxing\/\" target=\"_blank\" rel=\"noopener\"><strong>taken aim<\/strong><\/a> at Google\u2019s Chrome browser in its latest security post, saying it contains a security vulnerability.<\/p>\n<p>Jordan Rabet from Microsoft\u2019s Offensive Security Research team said they examined Google\u2019s Chrome web browser, with a strong focus on sandboxing.<\/p>\n<p>\u201cWe wanted to see how Chrome held up against a single RCE vulnerability, and try to answer: is having a strong sandboxing model sufficient to make a browser secure?\u201d said Rabet.<\/p>\n<p>Key findings from Microsoft\u2019s research team includes:<\/p>\n<ul>\n<li>It is possible to find remotely-exploitable vulnerabilities in modern browsers.<\/li>\n<li>Chrome\u2019s relative lack of Remote Code Execution (RCE) mitigations means the path from memory corruption bug to exploit can be a short one.<\/li>\n<li>Several security checks done within the sandbox result in RCE exploits being able to bypass Same Origin Policy, giving RCE-capable attackers access to victims\u2019 online services and saved credentials.<\/li>\n<li>Chrome\u2019s process for servicing vulnerabilities can result in the public disclosure of details for security flaws before fixes are pushed to customers.<\/li>\n<\/ul>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/software\/233763-google-chrome-62-released.html\">Google Chrome 62 released<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has taken aim at Google\u2019s Chrome browser.<\/p>\n","protected":false},"author":23,"featured_media":217834,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[1567,167,123],"class_list":["post-234128","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-chrome","tag-google","tag-microsoft"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/234128"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=234128"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/234128\/revisions"}],"predecessor-version":[{"id":234170,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/234128\/revisions\/234170"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/217834"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=234128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=234128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=234128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}