Pwn2own round 1: IE8 and Safari out!

Pwn2Own is a computer hacking contest held at the annual CanSecWest security conference, beginning in 2007. Contestants are challenged to exploit specific software (especially web browsers and other web related software) / computing platform targets. Contestant winners receive the device/computer that was successfully exploited and a cash prize. -wikipedia

Safari was penetrated in 5 seconds by hackers at Pwn2own, that says alot about Apple browsing safety, although the hackers do have months to prepare for the competition, Apple did release updates to patch the holes in the browser minutes before the competition. Which is apparently not enough.

Internet Explorer 8 was more complex as it has a sand-boxing capability, the attacks on IE8 was a 3 steps move. 2 steps is for successful execution of codes in the browser and the third is to punch through the sandbox. But no updates are issued on these holes as Microsoft is due to release IE9 in just few days time.

Google issued an update for Chrome days before the competition which apparently closed all known holes in it, although that being said, the hackers scheduled to hack Chrome did not arrive at the competition, some say, they are having difficulties after the update. Google even prepare the prize of USD20,000 to anyone that can penetrate the Chrome browser, although no one attempted it.

Firefox? what about it? it’s tough, not yet exploitable by Pwn2own contestants

there’s no sound about Opera though which is strange.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s