UPDATED 12:11 EST / MARCH 13 2012

NEWS

IE 9, Firefox 10 and Chrome 17 Hacked at Pwn2Own

The best hackers in the world have participated in the sixth edition of the Pwn2Own that took place in Vancouver (Canada) from March 7 to 9, where they have tested the security of Internet Explorer, Firefox, Chrome and Safari installed on Windows 7 or Mac OS X Lion, with the latest updates and security patches installed.

The results were striking–only Safari was saved from being hacked by 0-day vulnerability, involving remote code execution.

Google Chrome, the first browser to be hacked in the contest

The first browser to fall was Google Chrome, the only browser that was saved from being hacked last year. Hacking of Chrome was the main objective of hackers this year. The hacker group VUPEN French, who finally won the Pwn2Own contest 2012, took advantage of an exploit through which they could take control of a Windows 7 SP1 with latest security patches of Chrome installed.

According to one of the group VUPEN, Chaouki Bekrar Chrome was his main objective this year:

“We wanted to show that Chrome was not invulnerable. Last year saw a lot of headlines saying that no one could hack Chrome, so this year we wanted to make sure it was the first to fall,” Bekrar said. “This shows that any browser or any software, you can hack if there is enough knowledge and motivation to do so.”

Bekrar created a web page with the exploit and once a computer simply visit the website, the exploit ran and opened the calculator out of the Chrome sandbox, demonstrating that could run any program.

However, Bekrar said it was not easy to hack Google Chrome: “The sandbox of Chrome is the safest of all. Not an easy task to create a complete exploit to circumvent all the protections in the sandbox. I can say that Chrome is one of the safest browsers today.”

Internet Explorer 9 came with two 0-day vulnerabilities

The same group of VUPEN hackers were responsible for blowing up the protections of the new Microsoft browser, Internet Explorer 9, using an unpatched stack overflow in order to circumvent the protections DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) , and also a memory corruption vulnerability to bypass the sandbox protected mode of Internet Explorer.

This attack does not require any action by the user that was affected simply by opening a specially crafted Web page for the attack. This exploit also affected Internet Explorer 10 running under Windows 8 Consumer Preview.

“This goes all the way back to IE 6.  It will work on IE 6 all the way to IE 10 on Windows 8,” Bekrar said. “We’re only giving up the heap overflow. We will keep the Protected Mode bypass private for our customers.”

The group had spent six weeks with two researchers to craft the IE9 security exploit.

“This one was difficult. When you have to combine many vulnerabilities and bypass all these protections, it takes a longer time,” he said.

Firefox 10 was the last to be hacked

The hacker group formed by Willem Pinckaers and Vincenzo Iozzo was commissioned to exploit a 0-day vulnerability in Firefox under Windows 7 SP1 10.0.2, getting a prize of $30,000.

The exploit took advantage of vulnerability in the browser and they were able to successfully overcome the DEP and ASLR protections, two Windows tools to try to offer greater protection against exploits.

According to Pinckaers, the same vulnerability could run three times. In the first of them they were able to filter some information, in the second, they were able to filter data addresses, and able to execute the third code.

Safari, the only browser that has not been hacked at Pwn2Own 2012

Apple’s browser has been victorious in the Pwn2Own contest, having been the only one of the four browsers that has not been hacked.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU