IE9 Hacked, Chrome Pwned (Again)

By | March 12, 2012


IE9 Hacked, Chrome Pwned Again

Security flaws everywhere.

After Google Chrome has been hacked twice, Microsoft’s Internet Explorer 9 was the second browser to fail the security challenge.

By exploiting two unknown vulnerabilities, Vupen Security was able to remotely open a calculator running on a Windows 7 SP1 machine. While no additional details were revealed, both IE and Google Chrome exploits were a combination of at least a couple of previously unknown flaws.

Google Chrome

A young hacker nicknamed PinkiePie has also successfully hacked Google’s Chrome web browser, which was exploited for the third time in the last week or so. According to PinkiePie, he spent past three days refining the attack, so it would be able to take a full control over machine and escape the famous Google sandbox.

Internet Explorer 10 Improvements

Although IE9’s sandbox is less restrictive than Google’s Chrome, which makes it easier to bypass, Vupen Security CEO Chaouki Bekrar, said that Internet Explorer 10 running on Windows 8 will close this gap, thanks to various “Protected Mode” improvements.

Security? What Security?

Interestingly enough, Bekrar also said that their group had enough zero day attacks to target all the web browsers, including Safari and Mozilla Firefox.

There is no such thing as a bullet proof web browser, at least yet.

[Picture Source: ArsTechnica]


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

Comments (11)

Trackback URL | Comments RSS Feed

  1. Henning says:

    Some additions:

    * There have been _three_ successful attacks on Chrome. The two attacks under the Pwnium programm are already fixed und distributed with Chromes autoupdate mechnism
    * Firefax and Safari also got hacked

  2. Mikael Dahl says:

    to people  who say chrome has bad security because of this.

    All people wanted to hack chrome because they got more money,

  3. Mozz says:

    No browser is bulletproof, no matter what anyone says. So whats the best way to stay safe when browsing? Just a little bit of common sense.

  4. Armin says:

    Chrome has never been hacked at Pwn2Own before and now all this?

  5. Armin says:

    Chrome has never been hacked at Pwn2Own before and now all this?

  6. Armin says:

    Chrome has never been hacked at Pwn2Own before and now all this?

  7. Guest says:

    Lesson learned here is Opera is the safest browser :) Reasons are
         (1) Less User Base.
         (2) Opera doesn’t have money to donate.

    • apád anyád says:

      1.) Opera does not participate on PwnToOwn.
      2.) Unedited comment copy from the former article:

      Author’s favorite browser (Opera v11.6.1250) hacked 0day vulnerability. 
      http://www.youtube.com/watch?v=_ynKfZsYP-8

      • Anonymous says:

        Actually, Pwn2Own doesn’t include Opera because they argue that it is too insignificant. Being one of the +220 million insignificant users of Opera, I would like to let Pwn2Own hear my voice: “Include Opera next time!”

        It may be closer to bulletproof than other browsers, but it is unfair to Opera to exclude it thereby letting potential vulnerabilities remain undiscovered. All other major browser competitors are included in the contest, consequently gaining an unfair advantage.