Google's Chrome was the first browser to fall at the annual browser hackathon, Pwn2Own, with a security group from France, VuPen Security, demonstrating a sandbox exploit within five minutes of the competition's start.
The Pwn2Own competition aims to get security researchers to demonstrate exploits against the most up-to-date versions popular web browsers, Internet Explorer, Safari, Chrome and Firefox.
Points are awarded for both the speeds at which entrants can demonstrate vulnerabilities and the extent to which their exploit compromises the browser.
In previous years, hackers had tended to avoid Google's Chrome browser, which uses so-called sandbox technology, intended to restrict exploits to a single tab and prevent them from impacting the whole browser.
Announcing its success, VuPen tweeted:
Google Chrome is the first browser to fall at #pwn2own 2012, we pwned it using an exploit bypassing DEP/ASLR and the sandbox ! We won 32 pts— VUPEN Security (@VUPEN) March 7, 2012
Data execution prevention (DEP) and address space layout randomisation (ASLR) have been regarded as vital tools to secure web browsers.
The 32 points awarded for the exploit is recognition that the VuPen team were able to successfully compromise a fully-patched browser.
Meanwhile, a Russian hacker, Sergey Glazunov, claimed a $60,000 reward for demonstrating a separate Chrome exploit, which was also able to bypass Chrome's sandbox security.
Glazunov claimed his prize in a separate competition, Pwnium, which is solely focused on Chrome hacks.
Google withdrew its original sponsorship of the Pwn2Own competition over concerns that competitors would not be required to divulge the details of their exploits.
While the hacks against Chrome are notable, by the end of the first day of the Pwn2Own competition, teams had successfully demonstrated hacks against all of the browsers.
After firing off writs against AMD and Intel, ambulance-chasing lawyers take aim at Apple
Scientists claim to have found a way to create lighter and more reliable batteries
A malicious script has been in operation since November
Scientists are crowdsourcing help in detecting rare high-energy cosmic rays - and all you need is a mobile phone