Google fixes one more Chrome zero-day exploited at Pwn2Own
Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. [...]
Pwn2Own is a hacking competition where researchers demonstrate software and device vulnerabilities, helping vendors identify flaws and improve security.
Search across headline titles and summaries.
Background for this topic.
Pwn2Own is a sanctioned hacking competition in which security researchers exploit specified software, devices, or other technology under controlled rules for cash prizes. Targets vary by edition and may include browsers, operating systems, virtualization, mobile devices, enterprise applications, vehicles, or industrial systems. Winning attempts commonly use previously undisclosed vulnerabilities, sometimes chaining several flaws to achieve code execution, sandbox escape, or privilege escalation.
Its security value is that it produces evidence that a vulnerability can be exploited against a real target, rather than merely theoretical findings. Organizers coordinate disclosure with affected developers, who can investigate and issue fixes or mitigations. Security teams should monitor related advisories, identify whether their deployed versions are affected, and prioritize patching when a demonstrated exploit involves an exposed attack surface or requires limited user interaction. Competition results do not mean every instance is exploitable in every environment, and technical exploit details may remain restricted until remediation is available.
Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. [...]