The AchieVer Posted March 22, 2019 Share Posted March 22, 2019 Mozilla Firefox and Microsoft Edge Hacked at Pwn2Own Mozilla Firefox and Microsoft Edge were both hacked in the second day of the Pwn2Own hacking contest, and in the case of the Windows 10 browser, researchers came up with a super-complex and clever approach to escape a virtual machine and get inside the host. Amat Cama and Richard Zhu of Fluoroacetate were the first to attempt to break into Mozilla Firefoxusing a JIT Bug and an out-of-bounds write in the Windows kernel. This technique allowed to run code at system level, technically taking over the machine completely after pointing Firefox to a crafted website. The two were received a price of $50,000. Mozilla’s browser was also hacked by Niklas Baumstark, who escaped the sandbox with a mix of a JIT bug and a logic bug. The researcher eventually obtained the same rights as the logged-in user, which could obviously provide full control of the host in the case of an administrator account. Baumstark received $40,000 for his exploit.Microsoft Edge exploitsFluoroacetate also hacked Microsoft Edge with a more complex attack that earned them $130,000. “Starting from within a VMWareWorkstation client, they opened Microsoft Edge and browsed to their specially crafted web page,” Zero Day Initiative explains. “That’s all it took to go from a browser in a virtual machine client to executing code on the underlying hypervisor. They started with a type confusion bug in the Microsoft Edge browser, then used a race condition in the Windows kernel followed by an out-of-bounds write in VMware workstation.” Arthur Gerkis of Exodus Intelligence also managed to exploit Microsoft Edge with a double free bug in the renderer mixed with a logic bug to escape the sandbox. His successful attack against the Windows 10 browser brought him $50,000. The vulnerabilities that the researchers used to break into the two browsers have been reported to Mozilla and Microsoft and they should be patched in the coming updates. Source Link to comment Share on other sites More sharing options...
banned Posted March 23, 2019 Share Posted March 23, 2019 Quote They started with a type confusion bug in the Microsoft Edge browser, then used a race condition in the Windows kernel followed by an out-of-bounds write in VMware workstation. Well, there goes my plans to upgrade to Windows 10... (not really, just kidding) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.