A planned talk that was to unveil a new and previously unknown (or “zero day”) vulnerability in Google’s Chrome web browser was cancelled on Saturday after the researcher, Ucha Gobejishvili, backed out, citing difficulties obtaining a visa to travel to New Delhi, India, where the Malcon hacking conference was held.
The organizer of Malcon, Rajshekhar Murthy, confirmed in an email to Security Ledger that Gobejishvili cancelled his talk at the last minute.
“(Ucha) did not come at (sp) the conference due to visa issues in the last minute,” Rajshekhar Murthy wrote in an e-mail to Security Ledger on Monday. “The issue stated was he was called in last minute (sp) by the military for compulsory service which conflicted with our event dates.”
Gobejishvili did not respond to e-mail and instant message requests for comment.
In a conversation with Security Ledger last week, he said he would use his talk at Malcon to discuss a security hole in Chrome that he called a “critical vulnerability.” “It has silent and automatically (sp) download function…and it works on all Windows systems,” he told Security Ledger in an online chat session.
The Tbilisi-based researcher told Security Ledger that the vulnerability is in a DLL (dynamic link library) that is part of the browser, and that it works on Windows systems running Chrome as well as on other platforms. The hole, if exploited, could allow a remote attacker to place and run a malicious executable file on the vulnerable system, Gobejishvili said.
As we noted last week, however, there were questions about Gobejishvili’s presentation from Google and others. The researcher said he would demonstrate an exploit – but not release proof of concept code for it that could be independently verified. He also declined to give Google any information about the hole, despite claims that he discovered it in July.
A copy of Gobejishvili’s presentation slides reveals little about the specifics of the exploit, which Gobejishvili dubbed “Calypso,” beyond a YouTube video that purports to show the exploit being used to run malicious code in the Chrome browser.