Skip to main content

IE8, Firefox and Safari Hacked to Bits at Pwn2Own

For the last two Pwn2Own contests, Charlie Miller has been first to gain access by exploiting vulnerabilities in Safari. This year, Charlie turned his streak into a hat trick.

Miller is keeping the details of his exploit under wraps for now, but CNet reports that the security analyst successfully gained remote access to a MacBook Pro by exploiting a vulnerability in Safari. Miller directed MacBook Pro running Snow Leopard to a Web site that contained malicious code. Miller will walk away with the $10,000 cash prize.

Meanwhile, IE8 and Firefox have also been hacked. ZDNet reports that Peter Vreugdenhil, an independent researcher, exploited two vulnerabilities in IE8 to break into a machine running a fully patched version of 64-bit Windows 7.

Vreugdenhill revealed to ZDNet that he used fuzzing to uncover the holes.

"I specifically looking through my fuzzing logs for a bug like this because I could use it to do the ASLR bypass," he told the site, referring to Microsoft's address space layout randomization. "I started with a bypass for ALSR which gave me the base address for one of the modules loaded into IE. I used that knowledge to do the DEP (data execution prevention) bypass,” Vreugdenhil explained.

The research says that once he had found the vulnerability, it took him two weeks to write his exploit and he received $10,000 for his troubles.

A contestant who wished only to be known as Nils broke through Firefox, also running 64-bit Windows 7. ComputerWorld reports that a half hour after Vreugdenhill, Nils bypassed the same defensive mechanisms to exploit Mozilla's Firefox 3.6 and also won $10,000.

Tipping Point, the security company sponsoring the event, will be sending details of the flaws details to all affected companies this Friday.

Read more about the hacks here.

  • bison88
    So does that mean Opera 10 users are safe?
    Reply
  • scuba dave
    All i have to say is.. I need to switch majors.. 10,000 bucks for less than a month of work? Sold!
    Reply
  • milktea
    I better stop using Firefox, IE8, Safari, and ... my computer.
    Reply
  • amabhy
    Give people money and prizes and anything can be hacked. I'm surprised tech companies don't hire professional hackers (or crackers, as the good guys like to be called) to find holes so they can fix em early.
    Reply
  • Mottamort
    I'm surprised tech companies don't hire professional hackers (or crackers, as the good guys like to be called) to find holes so they can fix em early.

    I think they do that already :)
    Reply
  • dman3k
    I wonder how long it took to hack FF or IE8.
    Reply
  • hellwig
    bison88So does that mean Opera 10 users are safe?Uh, sadly no. While I use Opera myself, it more than likely means they didn't waste time hacking a web browser only 1.5% of us use.
    Reply
  • aneasytarget
    The key point is that you have to go to a specific website. If you go to trusted websites, less chance of being hacked.
    Reply
  • warezme
    Hey look I hacked Opera!!!!....., (sounds of crickets in the background)
    Reply
  • war2k9
    There is no such thing as 100% safe from hacks.
    Reply