IE9 2nd to fall at Pwn2Own

Discussion in 'other security issues & news' started by funkydude, Mar 9, 2012.

Thread Status:
Not open for further replies.
  1. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    IE 9, on most secure Windows yet, next browser to fall at hacker contest

    Much more interesting is something that hasn't been covered by any MS blog:

    http://arstechnica.com/business/new...st-windows-gets-stomped-at-hacker-contest.ars
     
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,052
    Location:
    USA
    I'm sure they will all go down before it is over. Firefox and Safari and probably both easier than Chrome and IE.
     
  3. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    ... is close to gaining parity with the current Chrome sandbox.
     
  4. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    Not saying much since the current Chrome sandbox was the first to fall.
     
    Last edited: Mar 9, 2012
  5. treehouse786

    treehouse786 Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    1,388
    Location:
    Lancashire
    thank you for the balanced input :thumb:
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    @Badkins,

    the time that any of them fall is irrelevant - the researches have the exploits wayyyyy before pwn2own. They don't just come up with them on the spot.

    They're basically attacking them in the "perceived order of security." Chrome was obviously their first target, as they said, because they wanted it clear that Chrome was not unbeatable. IE9 is the next logical target. Order has very little to do with which is the strongest or weakest.
     
    Last edited: Mar 9, 2012
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I agree.

    And, that means one needs to dedicate one's time entirely to finding the precious gap.

    That also means that, while this sandbox breaks/bypasses are revelant, in a real world scenario one would have to make the following question - Would it be rewarding for cyber criminals to waste precious time trying to break these sandboxes, when there's plenty of easier fish out there?

    Unless they know before hand they'll be putting hands on a great prize, I got my doubts. Even then, there are still easier ways, aren't there? o_O
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yes, that's generally the idea of a sandbox. Can it be broken? Of course. But it's a lot harder to come up with two exploits than it is to come up with one.

    For attacking a government/ company yes you might see a 0-day like this used. A user? No, I sincerely doubt it - much more likely you'll see a Java 0day or PDF or Flash.
     
  9. badkins79

    badkins79 Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    60
    Location:
    Maryland
    Yeah I know. I was sort of making fun of the whole pwn2own PR. They usually hype it up when they release results by saying "OMG IE pwnd in only 0.7 seconds!" And likewise they claim "Chrome still unhackable 2 years in a row."

    The time to execute an attack says nothing of the time to craft the attack. And when no one attempts an attack, it says nothing of the difficulty to craft an attack.
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yeah, definitely. I wish they wouldn't put out headlines like that lol they're completely misleading. In reality this IE9 hack took 2 weeks to formulate, who knows how long for Chrome.

    And as you say, last year no one attempted to hack Chrome, which was not to say that Chrome was unhackable.

    EDIT: It's a shame that this exploit still works in 8. I would have hoped that this would have helped:
    Though they do give credit:
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Considering Microsoft's new found focus on security I'm completely not surprised that the exploit is in code passed down from older versions.
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I wish there were "demo pages" for these exploits. I'd be interested in how bottom up randomization effects heap overflows.
     
Loading...
Thread Status:
Not open for further replies.