September 25, 2017
Project Zero, Google's ambitious effort to find and remove zero-day vulnerabilities, has released an open-source automated security testing tool that helps find new bugs in major browsers. Project Zero is a group of security analysts employed by the tech giant to weed out and remove zero-day vulnerabilities.
Google has used the tool to find 31 security bugs across all major browsers this year, the majority of them in Apple's Safari browser. The tool used to find the bugs, called Domato, has exposed 17 now-patched bugs in Safari and has also found bugs in Chrome, Edge, and Internet Explorer, but far fewer of them.
The tool is designed to uncover bugs in the DOM (Document Object Model) engines of Chrome, Safari, Edge, and Internet Explorer. The DOM engine is an essential part of each browser's rendering engine, such as Google Chrome's Blink, which was Google's response to Apple's WebKit in 2013.
Ivan Fratric, one of the researchers at Project Zero, has been credited in Apple's Safari patches for a while now. According to him, DOM engines are a major source of browser bugs, which are occasionally targeted by attackers, quite similar to the zero-day exploit in Firefox found to be used against users of the Firefox-based Tor Browser last November.
"To attempt to address this discrepancy, I reached out to Apple Security proposing to share the tools and methodology. When one of the Project Zero members decided to transfer to Apple, he contacted me and asked if the offer was still valid. So Apple received a copy of the fuzzer and will hopefully use it to improve WebKit," he said.