Pwn2Own: Internet Explorer 8, Firefox and Safari Hacked

March 25, 2010 | 20 Comments

As the first day of the Pwn2Own hacking contest nears its end, the web browser results are in.

Just like last year, Apple’s Safari 4 on Snow Leopard 10.6 was hacked first, as Charlie Miller set up a remote exploit.

Internet Explorer 8 fell next, after a successful four-layer attack by Peter Vreugdenhil on Windows 7.

Third was Firefox 3 on Windows 7 (64-bit), which was hacked using a memory corruption vulnerability.

Out of the 4 tested browsers, Google Chrome was the only one to survive this contest. As Charlie Miller said earlier: “There are bugs in Chrome but they’re very hard to exploit. I have a Chrome vulnerability right now but I don’t know how to exploit it. It’s really hard. They’ve got that sandbox model that’s hard to get out of. With Chrome, it’s a combination of things — you can’t execute on the heap, the OS protections in Windows and the Sandbox.”

Thanks to mabdul for the news tip.



About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westwood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

  • Ichan

    So sandboxing works as a security feature after all. Fascinating. Or can it be due to the lack of features that do not present a security risk?

    Lol Macs.

    • nobody

      chrome has similar number of features as any other browser when it comes to exploitable vulnerabilities – it handles system IO, it handles plugin layer, it interprets network-borne information. all browsers do that. do you honestly think that adding notes or speed dial makes opera more vulnerable (or chrome less vulnerable because it hasnt got these?). no, it doesnt. so snide remarks about chrome low feature count (well, it does almost everything that other browsers do in fact..) are snide and stupid at the same time.

      macs are a security nightmare, but they benefit (no longer i think) from security by obscurity. that iphone hack is fantastically dangerous..

      • Ichan

        OK?

        Let’s add some hardy extensions to chrome and see where security gets us. Since you like the word ‘snide’ so much….

        Ichan sneers nobody 4 eternity. Now get out of that one.

        PS:

        network-borne information

        I am sure we will see network projectiles in the future. Ahahah. Network-borne.

        • nobody

          chrome has 6 thousands extensions available (firefox has 12 thousands). https://chrome.google.com/extensions

          what is your point again?

        • nobody

          make it 3+ thousands (c) and 6+ thousands (ff) – mixed stuff up

          extensions are – from security point of view in case of chrome safety model – unimportant. there are exploitable vulnerabilities in chrome itself, but nothing you can exploit to go out of the sandbox. no extension will change that. plugins could do (as they run with different (but not always higher) credentials) but it seems that plugins are sandboxed too.

          google did a right job with their browser, hope that others can copy it. sandboxing done right works.

          • Ichan

            You know I could call you a liar. But I am not going to do that (at least not of yet)

            Chrome is a great browser. Are you so certain that the sandbox layer is impenetrable?

            You’ll see those same guys coming next year exclaiming chrome was a cinch to break.

            BTW: How many script kiddies are capable of such feat? Apart from IE, no other browser I know falls so badly to real in the wild exploits. (Providing you come across them)

          • nobody

            and your point is?

            script kiddies do not write exploits that create zombie farms. paid professionals do, and some of them are outright brilliant.

            im not certain, each software has its flaws and holes, but chrome wasnt broken in the most important browser related hacking event of the year. so somebody passed on 15k bucks? cmon.

            will they break it in a year? maybe, even certainly. but in a year, chrome 10 will be with us, not chrome 5.

            and it is mostly due to (costly) process separation and almost paranoid sandbox model (combined with windows sandbox).

            extensions are in chrome for almost a year now, implemented properly they do not seem to be such security concern as opera paints it all the time.

          • Ichan

            Opera didnt paint anything for me. I am speaking from using Firefox’s implementation of extensions.

            You are right. We will have chrome 12 by then. It’s nice seeing KHTML invoke to what it is now.

            I just do not like the 120 processors associated with one program deciding to use a sandbox model. Is it really necessary?

  • César Maciel

    What about Opera?

    • Chuck Monroe

      Same thing :( I wish they included Opera as well.

      • nobody

        they’ve said that they couldnt be bothered with opera. and probably never will. it is uncool brand, thats all.

        probably opera refused the money for prizes and/or didnt want to be cracked, it is the ‘safest browser’ after all.

        or MOST probably, opera marketing still doesnt know about pwn2own..

        • TTT

          actually even your beloved firefox claims to be “more secure” as all browsers do.. and it clearly isn’t (and never was..)

          I understand your sadness as FF gets hit at pwn2win, never gets a release out of the door without a security blackhole and, the time an important security flaw is discovered in your hated opera, it ends up being not exploitable..

          • nobody

            where i said anything good about firefox (aside from extensions and excellent webdeveloper tools, both are also a part of chrome now (and pretty much any other successful software)) so you can claim me a fanboi of anything?

            are you pulling stuff out of your ass? that is unhealthy

          • TTT

            I didn’t mean to get you upset. Given your comments are always quite sarcastic I thought you could handle mine without getting crude..

            Anyway to me (and to other readers of this site) it’s quite apparent from your comments that you’re a firefox fan and opera hater.. and your reaction just confirms that my comment hit straight where it hurts (I don’t know if it is the ass).

          • nobody

            while i despise opera as a company (and few of their employees personally) and see LOTS of shortcomings in their products, im very far away of being a ‘fanboi’ of any computer software. im no boy anymore

            despising opera started when they lied repeatedly about developer tools for opera being ‘worked on’ back in early 2001. it is 2010 and tools still arent there. because back then i got pissed, i simply like to watch opera fail time after time. it makes me warm inside. hobby of sorts, whats fun, they manage to impress me with each new failure, 10.50 are times of joy for me :)

          • Bemused

            You say you aren’t a boy, but why is your spelling, grammar and punctuation on the level of a fifth grade student?!

          • nobody

            because i coulcnd care less, and it happens that english is my 4th foreign language. how many foreign languages do you know? nada? null?

            and if you are so anal about grammar, in written english you shouldnt use shorthand forms of ‘you are’ or ‘are not’. this is something taught in 4th grade me thinks

          • Bemused

            I am a polyglot, not that it matters, and capitalisation of sentences is a pretty basic fundamental in most European languages – just in case you didn’t realise. You clearly don’t do it because of ignorance.

            Also, you can use your browser’s spell checker to correct your shoddy mistakes, which clearly do not come from a lack of knowledge of the language, but carelessness so typical of someone with low intellect.

            But do go on writing like you do, I’m sure people will take you seriously…

          • Ichan

            Can I join this too? Why don’t we go team 1 vs team 2? Much moar fun :D

  • Ichan

    Too little market share.