Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Researcher chains three exploits to take down IE8 at Pwn2Own

Gregg Keizer | March 10, 2011
Marks the first ever Pwn2Own escape from a browser sandbox

Although Fewer acknowledged he hasn't poked around Chrome, he didn't seem surprised that no one took on Google's browser yesterday. "Chrome's sandbox is fundamentally quite solid," he said.

Fewer made use of the work by Peter Vreugdenhil, last year's IE Pwn2Own winner, to build his multi-part package. "Peter's work was great, and I applied a few of his techniques," said Fewer.

Vreugdenhil, who now works for TippingPoint, chained two exploits last year to bypass Windows 7's ASLR and DEP.

The only other browser to fall Wednesday was Apple's Safari 5, which dropped to a team from French security company Vupen minutes before Fewer took his shot at IE8.

Not surprisingly, Fewer felt great about winning the $15,000. "I feel fantastic," he said today. "Everything here went very smoothly."

He plans to spend the cash prize to pay for his trip from the U.K. and on some home improvements.

Today's Pwn2Own schedule will pit researchers against Mozilla's Firefox -- that browser's turn was postponed to today after Wednesday's round started late -- and four smartphones running Apple's iOS, Google's Android, Microsoft's Windows Phone 7 and RIM's BlackBerry OS.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.