Microsoft Edge gets pwned, Google Chrome is “unhackable”
Microsoft Edge took a beating at the recent Pwn2Own 2017 hacking contest, according to a report by Tom’s Hardware.
The event saw security teams trying to exploit web browsers and operating systems through vulnerabilities.
The report stated that Edge was hacked five times at the event, while Chrome was “unhackable”.
Security teams which penetrated Edge used, among other things, “an arbitrary write in the Chakra JavaScript engine” and “a use-after-free (UAF) vulnerability in Chakra”.
Teams were tasked with exploiting a browser using zero-day vulnerabilities that are unknown to the vendor.
“The most impressive exploit by far was a virtual machine escape through an Edge flaw. The team leveraged a heap overflow bug in Edge, a type confusion in the Windows kernel, and an uninitialised buffer in VMware Workstation for a complete virtual machine escape,” stated the report.
Chrome wins
Safari and Firefox also fell victim to hacks, while Chrome remained secure.
One attempt was made to attack Chrome, but the team failed to expose the browser in the allotted time.
Now read: Laptop ban on certain UK and US flights
Loading ...