Security Advisor

IE 10 Running on Surface Hacked in 10 Minutes

The Pwn2Own contest has already taken down Microsoft's latest Internet browser.

Pwn2Own 2013, the event where security pros get paid for breaking software, was held last week during the annual CanSecWest security contest, and the major browser players all took their punishment.

The highlight was the newcomer's fall, Internet Explorer 10, which was defeated at the hands of VUPEN Security on day one of competition

What made the feat impressive was it was done on a Surface Pro tablet running Windows 8 -- another newcomer to this year's event. The French firm was able to recreate the exploit in both the Desktop and the Windows App Store (Metro) versions of the browser within the first 10 minutes of the competition's start.

"The exploit fully bypassed all Windows 8 security protections and exploit mitigation technologies including HiASLR, DEP, AntiROP and Protected Mode sandbox," wrote VUPEN.

For that quick bit of hacking, the firm was awarded $100,000 from HP's Tipping Point, the security and risk management branch of the hardware manufacturer.

But that wasn't it for VUPEN. Later in the date it successfully exploited a hole in the latest version of Firefox running on Windows 7 and found a new hole in Java (which doesn't seem too difficult to do). For those additional hacks, the company was awarded an additional $60,000.

Another notable (and profitable) hack came the next day when a two-man team pulled off a full sandbox bypass against Google Chrome on Windows 7. Here's how the team from MWR Labs did it: "By visiting a malicious webpage, it was possible to exploit a vulnerability which allowed us to gain code execution in the context of the sandboxed renderer process," wrote MWR Labs in a blog post. "We also used a kernel vulnerability in the underlying operating system in order to gain elevated privileges and to execute arbitrary commands outside of the sandbox with system privileges."

For that bit of cyber wizardry, the team was awarded $100,000.

For all successful exploits, whether prize winners or not, HP said it bought them all and over half a million bucks was awarded over the three-day hacking competition.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.


comments powered by Disqus

Subscribe on YouTube