The end is near.
After countless attempts, the almighty Sandbox has been bypassed by the French security company Vupen, which won the $15,000 cash prize just few months ago in the Pwn2Own contest for successfully hacking Safari web browser.
Although Google was unable to confirm such claim, the buzz is quickly spreading all over the Internet.
Here is what Vupen had to say about their recent accomplishment:
The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it is silent (no crash after executing the payload), it relies on undisclosed (0day) vulnerabilities discovered by VUPEN and it works on all Windows systems (32-bit and x64).
See it in action below.
It should be also noted that the Windows Calculator (calc.exe) launch is just an example of such hack and it can be replaced with any hacker made payload as well.
About (Author Profile)
Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.