Pwn2Own has officially started and looks like several browsers were exploited with their inherent vulnerabilities. But not all! Google Chrome has remained unscathed during the event and it seems that Google’s 20 grand bet isn’t going anywhere.
Months before the event, Google posted a $20,000 reward to any one who can successfully exploit the vulnerability of Chrome during the first day of the contest. Unfortunately, during the said event, no one dared to touch Google’s browser. Well, to be more specific there were 2 teams that pre-registered for the challenge but later backed down.
A guy named Moatz Khader was supposed to be the first to break the browser but didn’t show up. On the other hand, “Team Anon” preferred to exploit the Blackberry instead of hacking Google’s browser.
Other browsers like the IE8 and the newly updated Safari 5.0.4 were pawned by these hackers. An independent researcher named Stephen Fewer used a trio of vulnerabilities to hack IE8 on Windows 7. He used the browser’s vulnerabilities to bypass ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention) and escaped IE8’s sandbox (protected) mode – which is intended to isolate the damage in the browser in case of an attack.
On the other hand, the team from a French Company “Vupen” had successfully cracked the newly updated Safari browser in just 5 seconds! It seems that Apple has a long way to go in this field.
All in all, Chrome had proven itself once again on being the most secured browser of all. It had survived 3 consecutive Pwn2Own event. Hats off to Chrome for achieving such feat.
You might also like
Story by pinoytutorial