|
|
Thursday, March 10, 2011
|
Pwn2Own 2011: IE8 on Windows 7, Safari Hijacked
|
|
You are sending an email that contains the article
and a private message for your recipient(s). |
| Your Name: |
|
| Your e-mail: |
* Required! |
| Recipient (e-mail): |
* |
| Subject: |
* |
| Introductory Message: |
|
HTML/Text
(Photo: Yes/No) |
(At the moment, only Text is allowed...)
|
| |
|
| Message Text: |
A 64-bit Windows 7 (SP1) running Internet Explorer 8 system and Apple's Safari browser were the first "victims" at the first day of this year's CanSecWest hacker challenge held 9-11 March in Canada.
Security researcher Stephen Fewer successfully hacked into a 64-bit Windows 7 (SP1) running Internet Explorer 8, taking advantage of three different vulnerabilities. He used zero-day bugs in IE to get code execution and then chained a third vulnerability to jump out of the IE Protected Mode sandbox.
The attack also bypassed DEP (data execution prevention) and ASLR (address space layout randomization), two protection mechanisms built into Windows 7.
Fewer won a $15,000 cash prize and a new Windows laptop.
In addition, researchers from French pen-testing company VUPEN were also on hand with a fully tested exploit for IE8.
VUPEN's researchers also successfully exploited a zero-day flaw in Apple?s Safari browser. By attacking a MacBook, the researchers visited a rigged website and successfully launched a calculator on the compromised machine. The exploit bypassed ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention), two anti-exploit mitigations built into Mac OS X. The hijacked machine was running a fully patched version of Mac OS X (64-bit).
VUPEN won a $15,000 cash prize and an Apple MacBook Air 13" running Mac OS X Snow Leopard.
On the other hand, none tried to break into Google's Chrome browser. Google offered a $20,000 prize for any successful exploit. |
|
|
|
|