Google Docs footnotes: ftnt/ftnt_ref pattern
These capabilities have emerged very quickly. Our internal evaluations showed that the model generally had a near-0% success rate at autonomous exploit development. But the new preview is in a different league. The previous model turned vulnerabilities into shell exploits only two times out of several hundred attempts. We re-ran this experiment as a benchmark for the preview, which developed working exploits 181 times, and achieved register control on 29 more.[1]
Separately, we found that it could chain together multiple vulnerability classes to achieve full remote code execution in controlled test environments.[2]
Footnotes
[1] These exploits target a testing harness mimicking a content process, without the browser's process sandbox or other defense-in-depth mitigations.
[2] This testing was conducted in isolated environments with no connection to production systems.