Chrome, Firefox, Internet Explorer, Safari, Flash Player: all hacked

by
in security on (#5G4H)
So much for browser security. Researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins. The Pwn2Own contest takes place every year at the CanSecWest security conference in Vancouver, Canada, and is sponsored by Hewlett-Packard's Zero Day Initiative program. The contest pits researchers against the latest 64-bit versions of the top four browsers in order to demonstrate Web-based attacks that can execute rogue code on underlying systems.

The final count for vulnerabilities exploited this year stands as follows: five flaws in the Windows OS, four in Internet Explorer 11, three each in Mozilla Firefox, Adobe Reader, and Flash Player, two in Apple Safari and one in Google Chrome. All bugs were reported to the affected vendors after the contest, as part of the competition's rules.

Re: Meta (Score: 1)

by zafiro17@pipedot.org on 2015-03-27 22:56 (#5XWR)

IE is mandatory at work, which means that (A) a lots of good sites/tools are totally unusable on the corporate machine (trello.com is one of them. Love Trello and need it at work), and (B) I am stuck with its absolutely awful UI choices. We're using 9 or 10 (can't be arsed to look it up) and it's clear that was a version that was desperately chasing the sleekness of Chrome, but with a development team of not-awfully talented individuals. It really is terrible to use. Simple things like showing bookmarks are not easy, and it has huge rendering errors. I'm glad they are giving up on it - it's the software equivalent of 'design by committee.'
Post Comment
Subject
Comment
Captcha
What number is 3rd in the series 34, 3 and 22?