| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Pwn2Own 2011: IE8 on Windows 7 hijacked with 3 vulnerabilities | |
|
||
| Time: 08:39 EST/13:39 GMT | News Source: ZDNet | Posted By: Andi Stabryla | ||
|
VANCOUVER — Using three different vulnerabilities and clever exploitation techniques, Irish security researcher Stephen Fewer successfully hacked into a 64-bit Windows 7 (SP1) running Internet Explorer 8 to win this year’s CanSecWest hacker challenge | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 143 Last | Next |
The time now is
8:31:42 PM
ET.
Any comment problems? E-mail us |
| #1 By 15406 (209.87.228.158) at 3/10/2011 3:41:54 PM |
| So what else is new. Like I've said for years, MS can add all the snazzy, magic acronyms to their latest kludge but it's all marketing. I notice Chrome didn't get owned. FF will get its chance tomorrow. I wonder if the 32 vs 64 bitness had anything to do with the IE hack being easier or harder. For tomorrow's mobile hacks, I expect BB to stand strong while WinMo7 will bend over for a nickel. |
| #2 By 16797 (193.200.150.82) at 3/10/2011 6:01:28 PM |
|
#1 They needed to combine 3 holes to hack IE8. Even then, user was required to click on a link.
Safari: one hole was enough, no user action required. Mac was hacked in like 3 seconds. Exploit was, if I am not wrong, actually *generated* by a tool that scans for certain types of holes. Wow. Chrome was not even challenged, so we can't really tell. I mean, Opera was not hacked either, but.. was it even available as a target? |
| #3 By 15406 (99.240.77.173) at 3/10/2011 9:23:44 PM |
|
#2: It seems logical to assume that if someone at the contest had a working hack for Chrome, they would use it and claim the prize. Chrome hasn't been hacked for the third year running.
Opera was not a candidate as the contest is optional and vendors submit their products to the contest. Ultimately it's mostly a PR kind of thing. While we can throw barbs back and forth about who did better than whom, the results may mean little compared to the real world. Black hats with working exploits have little motivation to give them away for pwn2own, and you can't extrapolate the results to any real scale. That being said, Chrome FTW! |
| #4 By 16797 (193.200.150.82) at 3/10/2011 9:47:32 PM |
| #3 Actually, there was this team that was going to hack Chrome, but Google pdated Chrome one day earlier and closed that hole, so they never tried. |
| #5 By 15406 (99.240.77.173) at 3/10/2011 10:25:01 PM |
| #4: I was wrong about the BB. It bent over thanks to a flaw in the webkit-based browser. |
| #6 By 228224 (24.200.59.136) at 3/11/2011 3:17:44 PM |
|
#1: I think Chrome didn't get "owned" because they chickened out. That and the fact they released a huge update right before the contest. I nguess the found more bugs.
|
| #7 By 8556 (173.27.244.6) at 3/11/2011 4:12:11 PM |
| Google seems to update Chrome when a patch or update is needed, not on a set day per month schedule, and far more often then Microsoft updates, or patches, IE. Perhaps MS should stop treating their software as if we were still in 1990 when taking weeks or months to put out a patch, if it ever was put out, was good enough. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 143 Last | Next |
The time now is
8:31:42 PM
ET.
Any comment problems? E-mail us |
