Internet Explorer And Firefox Exploited At Security Conference - gHacks Tech News

Internet Explorer And Firefox Exploited At Security Conference

If there is one thing that you do not want to read as a web browser user or company that created a browser, it is that your browser has been exploited at a security conference while others have not.

The Pwn2Own security conference is a competitive gathering of security experts who try to compromise computer systems using zero-day exploits. The first security researcher to compromise systems during the conference earns cash prices and hardware.

Each successfully exploited browser is worth $10,000 this time for instance.

Two of the most popular web browsers have been compromised on day one of the conference. Both Microsoft's Internet Explorer and Mozilla's Firefox web browser were compromised on that day. This means basically that both browsers are vulnerable to security issues that have not been patched yet.

No security researcher even tried to exploit the Google Chrome web browser which many attributed to its sandboxing mechanism which isolates content and the browser core. Apple's Safari browser was exploited as well and the Opera web browser, was once again, not even included in the contest.

Also of note was a successful hack of the iPhone 3GS that bypassed the digital code signatures used by the operating system to verify Apple code.

Video of Internet Explorer 8 being exploited

Is it safe to say that Google Chrome is the most secure web browser currently? It probably is but that does not mean that there are no exploits for it, or that it offers a completely secure environment as Chrome security vulnerabilities have been discovered in the past as well.

Update:  It is interesting to note that successful exploits are revealed to companies who created the products. This gives them information to create security patches for the programs.

All companies affected by security issues have created patches for said vulnerabilities. This means that the vulnerabilities used to exploit the browsers cannot be used anymore if the browsers are patched fully.

Summary
Article Name
Internet Explorer And Firefox Exploited At Security Conference
Description
The Pwn2Own 2010 conference saw successful exploits of Microsoft's Internet Explorer 8, Mozilla's Firefox 3.6, and Apple's Safari 4.
Author
Publisher
Ghacks Technology News
Logo

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

  1. vic said on March 26, 2010 at 2:50 pm
    Reply

    why leave out Safari in the title.

    1. DanTe said on March 27, 2010 at 6:09 pm
      Reply

      Because an Apple product with security holes like a sieve is OLD NEWS?

  2. Paul said on March 26, 2010 at 6:44 pm
    Reply

    Thats why I am using Google Chrome right now.

  3. Turkey said on March 27, 2010 at 11:29 pm
    Reply

    My definition of security also includes how trustworthy is the vendor and how much data do they collect and what do they do with it. This makes anything Google insecure! However, I might give Iron a try…

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.