News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About
The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot your password?

Pwn2Own Hackers Take Down Chrome, Firefox, IE10

2013.03.08 09:44 by Daniela
Tags: Pwn2Own, hackers, security

 

In its eighth year, the Pwn2Own contest paid $100,000 for the successful exploitation of IE 10 running on a Surface Pro tablet powered by Windows 8. The attack was impressive because it was able to bypass a variety of anti-exploit technologies Microsoft has added to its flagship operating system and browser over the past decade. To succeed, researchers from France-based Vupen Security had to combine multiple attacks, a technique that is growing increasingly common.

A hack of Chrome on Windows 7 was worth $100,000, as well. MWR Labs promised a more in-depth breakdown of its hack once Google has patched the bug.

"We showed an exploit against previously undiscovered vulnerabilities in Google Chrome running on a modern Windows -based laptop," the winning, two-man team from MWR Labs wrote in a blog post. "By visiting a malicious webpage, it was possible to exploit a vulnerability which allowed us to gain code execution in the context of the sandboxed renderer process. We also used a kernel vulnerability in the underlying operating system in order to gain elevated privileges and to execute arbitrary commands outside of the sandbox with system privileges."

HP provided most of the sponsorship for Pwn2Own this year, and Brian Gorenc, head of its DVLabs team, said that the company had paid out $480,000 in cash to the crackers, along with laptops and subscriptions that brings the total prize pot to over half a million dollars.

"It's a really good investment," he explained. "It puts us on the cutting edge of security research and we get to see the latest and greatest attack techniques, which we can then feed into our other security products," Gorenc said.

Read more -here-

 

  User Reviews/Comments:
    rate:
   avg:
by anonymous - 2013.03.09 07:47
THEY DO IT VIA HARDWARE!(os cant do a thing when the problem is at the hardware end)exemple intel or amd or NVidia!
comment discuss top

exec. time: 0.00479 s
Copyright © 1998-2014 Speed Guide, Inc. All rights reserved.
Terms of Use | Privacy Policy