FireFox was also hacked. Of note in this article is how Chinese gov. forced all Chinese hackers to drop out of the competition: https://www.bleepingcomputer.com/ne...wsers-fall-at-famous-pwn2own-hacking-contest/
Apparently some of the Chrome security devs are joking that Chrome was not allowed to participate this year due to Chrome's Win32k Lockdown mitigation technique being too powerful and ahead of the browser game. Who knows... But it would be nice to have seen Chrome be allowed to participate.
I agree Chrome has best sandbox and Win32k Lockdown is a big thing to complement sandbox, but do they really were not allowed to participate?
When China hoards its hackers everyone loses https://www.engadget.com/2018/03/16/chinese-hackers-pwn2own-no-go/
I can't say for certain, since the developers were joking around for the most part. It could be more likely that the exploit time/cost to exploit the software followed by escaping the sandbox is too much. Most previous Chrome exploits relied on two parts; first exploiting Win32k bug(s), then another combined exploit to escape the sandbox. The Win32k Lockdown is really a sweet addition.
Yes. I believe old-school approach to built-in sandbox is best: break program into several process to accomplish principle of least privilege and limit attack surface .(Win32k Lockdown). I think all that overhyped virtualization techniques are weaker, but of course can also be useful.