PWN2OWN 2009: Safari, Firefox and IE8 go down in flames

Yesterday, Safari was taken out in mere second.  Today, a researcher named ‘Nils’ performed a drive-by download attack against Internet Explorer 8 running in Windows 7 on a Sony Vaio laptop.  Nils won $5000 (US) and got the laptop as well.  He was able to take advantage of a ‘brilliant IE8 bug’.  Details of the bug have been withheld.

Microsoft had a security response team at the contest and witnessed the drive-by first hand.

Nils also managed to hit Safari and then, later, exploited a zero-day flaw in Firefox to score the triple run.

This contest proves that no matter how much a developer tries-and these three browsers were developed by three of the top organizations on the planet-you cannot be 100% secure.

The contest ends on Friday, March 20.

Digg This


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s