Security firm demonstrates exploit that breaks Chrome sandbox, ASLR and DEP


French security outfit VUPEN says the company has created an exploit that successfully breaks out of the vaunted sandbox in the Chrome web browser. On top of that, researchers from the company were able to "weaponize" their research by simultaneously circumventing anti-exploit technologies integrated into Windows 7--hardly trivial tasks on their own.

In a blog post on Monday, the company posted a video showing how a visit to a specially crafted website using the Chrome browser culminated in the execution of a Calculator application downloaded from a remote location. The application was then launched as a separate process outside the sandbox without any user intervention; the launched software could just as well have been a virus or other malicious program.

In the blog post, the company says that its exploit: "Bypasses all security features including ASLR/DEP/Sandbox (and without exploiting a Windows kernel vulnerability), it is silent (no crash after executing the payload), it relies on undisclosed (0day) vulnerabilities discovered by VUPEN." Moreover, VUPEN asserts that its proof-of-concept works on "all Windows systems (32-bit and x64)."

Citing security reasons, VUPEN says that the exploit code and technical details pertaining to the underlying vulnerabilities will not be disclosed publicly. One cannot help but notice the commercialism--information pertaining to the exploit will be shared exclusively with the company's "Government customers" as part of its vulnerability research services.

As reported by CNET News, Google says it has not received any details from the company and is hence unable to confirm VUPEN's claims. Computerworld observed that VUPEN changed its vulnerability disclosure policies last year and will only reveal its research to paying customers, and not to vendors.

For more on this story:
- check out this article at Computerworld
- check out this article at CNET News
- check out this blog entry on VUPEN
