All three major browsers — Internet Explorer, Chrome and Firefox — fell to hackers at this year’s Pwn2Own, held late last week in Vancouver. And it wasn’t just Microsoft, Google and Mozilla who were left on the battlefield, with Adobe’s Flash and Reader products also failing to hold up against attacks.
After day one, the only browser left standing was Chrome, but the second day saw several exploits bring it down, including one that affects both WebKit and Blink. Safari also came undone on day two, with a heap overflow and sandbox bypass allowing code execution on a compromised machine.
As a result, none of the software submitted to the contest made it through unscathed, with the exception of Oracle’s Java, which was withdrawn from the competition.
Comments
3 responses to “No Browser Left Standing At This Year’s Pwn2Own Hacking Contest”
After day one, the only browser left standing was Chrome…..Safari also came undone on day two.
So which is it?
webkit wins
I like that people are banging away on these things and finding the problems. LOL that Java was withdrawn from the contest. Probably because they weren’t measuring the time-to-fall in milliseconds… otherwise I’m sure Oracle would have claimed “first”.