All three major browsers — Internet Explorer, Chrome and Firefox — fell to hackers at this year’s Pwn2Own, held late last week in Vancouver. And it wasn’t just Microsoft, Google and Mozilla who were left on the battlefield, with Adobe’s Flash and Reader products also failing to hold up against attacks.
After day one, the only browser left standing was Chrome, but the second day saw several exploits bring it down, including one that affects both WebKit and Blink. Safari also came undone on day two, with a heap overflow and sandbox bypass allowing code execution on a compromised machine.
As a result, none of the software submitted to the contest made it through unscathed, with the exception of Oracle’s Java, which was withdrawn from the competition.