Chrome 21 is in Beta right now, and it won’t be long before Chrome users are all benefiting from a much more powerful PPAPI sandbox. The sandbox is built for the Adobe Flash plugin, which has been commonly exploited in the past. Of the vulnerabilities used in the Blackhole Exploit Kit, about 20% are Flash (65% Java, the rest PDF).
Chrome had previously sandboxed Flash Player, but it built the sandbox around the existing plugin, leading to holes and looser restrictions. This time Flash has been built to work inside the sandbox – the way it should be – which allows for a stronger sandbox.
The first public exploitation of Google Chrome was by Vupen in 2011. They broke through a “default installation of Chrome”, which includes Flash. It was confirmed later that it did in fact use the Flash plugin. Why did Vupen choose the Flash plugin? It’s the easy target – or it was.
Vupen’s exploit is ‘proof’ that the Flash sandbox was the easier target. It’s nice to see that Google is still taking steps to harden their sandbox even though it’s never been targeted in the wild.