Via Hacker News. Google Chrome Pwned by VUPEN aka Sandbox/ASLR/DEP Bypass.
While Chrome has one of the most secure sandboxes and has always survived the Pwn2Own contest during the last three years, we have now uncovered a reliable way to execute arbitrary code on any installation of Chrome despite its sandbox, ASLR and DEP.
I would hope an update to fix the exploit would be released soon, although sandboxing has already proved to be insecure which makes future exploits easier. Meanwhile, I’m going back to browsing by telnet hostname 80.