Skip to main content
  1. Home
  2. Computing
  3. News

Browsers go boom: Pwn2Own hackers take down Chrome, Firefox, & Internet Explorer

By
chrome-dead_dt

Think the browser your just updated is safe? Nope. Time to pack up the Internet and go home – nowhere is safe anymore. Hackers from France and the UK have cracked Chrome, Firefox, and Internet Explorer and used them to take control of their host computers. The good news? This was only a test. 

The Pwn2Own competition held during the CanSecWest security conference in Vancouver, Canada, awards money to the fastest hackers, and, as you might expect, the hackers turn over their methods and information used to exploit the browsers’ weaknesses. According toZDNet, a French security firm, Vupen, took down both Internet Explorer 10 and Firefox, while MWR Labs, a UK-based security firm, took down Chrome. All of the browsers had recent updates and patches applied to them, so it was no different than the most recent updated version of the browser on your desktop.

Recommended Videos

So how did they do it? This is where it gets extra tech-speaky. Vupen announced on Twitter that they cracked Internet Explorer 10. “We’ve pwned MS Surface Pro with two IE10 zero-days to achieve a full Windows 8 compromise with sandbox bypass#Pwn2own.” In English: they used two previously unknown holes in Internet Explorer 10 to gain access to Windows 8 on a Surface Pro tablet.

As for how Vupen cracked Firefox, Venture Beat explains it as a method that “involves recalling memory that the browser had previously ‘freed,’ (user-after-free), after which they were able to mess with the technology that protects a computer system from letting bad code execute.”

As if it wasn’t enough that two browsers fell, MWR Labs was able to take down the newest version of Google’s browser, Chrome 25, which just received a bushel full of security updates and patches. Chrome was defeated on a Windows 7 machine by exploiting the sandbox feature of the browser, which, ironically, is supposed to keep your computer safer. 

So what happens now that three major browsers have been exposed as vulnerable? Microsoft, Mozilla, and Google take the hacker’s how-tos and use the information to patch security holes and end up with stronger, safer browsers. 

Meanwhile, other browsers and Web applications are also being put to the test at CanSecWest with somewhat better results. No one was able to crack Safari running in OS X 10.8 Mountain Lion. Additionally, Adobe Flash and Reader on Windows 7 both held up, though hackers at the conference are still working on taking those apps down today.

Lastly, the one app that got kicked around like an old can during the Pwn2Own competition was Java. It was cracked three different times, including once by Vupen. Be careful out there. 

Topics
Meghan McDonough
Meghan McDonough
Former Digital Trends Contributor
Meghan J. McDonough is a Chicago-based purveyor of consumer technology and music. She previously wrote for LAPTOP Magazine…
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more
HP printers are heavily discounted in Best Buy’s flash sale
The HP - OfficeJet Pro 8034e Wireless All-In-One Inkjet Printer on a desk with a smartphone.

There’s good news in store if you’re looking to land a new printer at a discount this weekend. Best Buy is having a 48-hour flash sale on HP printers, with several that can compete with the best printers seeing some good prices. HP is almost always one of the best laptop brands, and it’s one of the same when it comes to printers. So if you’re looking for a new home or office printer, read onward on how to save on an HP printer at Best Buy.
HP DeskJet 2755e — $60, was $85

The HP DeskJet 2755e is a good entry-level printer. It’s got you covered if your printing needs are pretty basic, or if you don’t need to print in mass. This is a color InkJet printer, which makes it good for almost all uses. It can also make copies and scan in color, and it has mobile and wireless printing functionality. You can get set up quickly and easily with the HP Smart app that guides you through the setup process, and you can also use this app to print, scan and copy documents from your phone.

Read more
This tiny ThinkPad can’t quite keep up with the MacBook Air M2
Lenovo ThinkPad X1 Nano Gen 3 rear view showing lid and logo.

While the laptop industry continues to move toward 14-inch laptops and larger, the 13-inch laptop remains an important category. One of the best is the Apple MacBook Air M2, with an extremely thin and well-built chassis, great performance, and incredibly long battery life.

Lenovo has recently introduced the third generation of its ThinkPad X1 Nano, one of the lightest laptops we've tested and a good performer as well. It's stiff competition, but which of these two diminutive laptops stands apart?
Specs and configurations

Read more