A fully up to date version of Microsoft’s Internet Explorer 9, running on a Windows 7 system with service pack 1 installed, fell prey to hackers in a matter of minutes at an international browser hacking competition.
“What we want to show is there is no 100-percent security,” said Vupen Security CEO Chaouki Bekrar. “So even if you have a fully updated system, you can still get your system compromised.”
Vupen claim to have used “100-percent IE code” for the attack, and did not have to rely on system kernel code of third-party plugins that would open the browser up to easier exploits.
Read the full story at: Ars Technica.