Researchers Break Into Firefox, Internet Explorer At Pwn2Own

Internet Explorer, along with Firefox and Safari become one of the handful of applications that were hacked on the first day of the 2014 edition of the hacking competition, Pwn2Own.

Security researchers from the French research firm VUPEN managed to bypass the sandbox and break into Microsoft’s web browser after they found a use-after-free issue that causes object confusion in the broker. This was exploited it to execute arbitrary code.

In the process they managed to net a cool $300,000.

Impressively, most of the contestants managed to demonstrate their skills within 5 minutes — despite the fact that they had a full 30 minute time frame to do it. Once the exploits were demonstrated, they retired to the disclosure room to present the details to the software vendors.

This, obviously, is one of the main conditions of this competition.

The first day of Pwn2Own 2014 got even more epic, after a few of the researchers even donated their wins to charity organizations across the globe, including the Canadian Red Cross.

Along with Internet Explorer 11 on Windows 8.1, Firefox and Safari, security vulnerabilities were also found in Adobe Flash and Reader. What remains to be seen is whether anyone can break into Chrome in what will be the second (and last) day of the competition, tomorrow.

Plus, we can now expect all these security holes fixed in future patches for these software.

Please Leave Your Comments Below...

  • Emily Williams

    As of today, Chrome looks like a winner, but that could change tomorrow according to the article!

  • Ted Smith

    David, how do hackers make $300,000 by hacking into these browsers? Did they steal things or was it just the competition and they proved their hacking ability to earn it.

  • Jake Phillips

    Well, this didnt make me feel any safer about the web, but thanks for posting nonetheless! It looks like we need to be extra careful if hacking is this easy.

  • Wayne Scott

    Is this only on windows 8.1, or is it on other windows OS and Apple OS as well?