Hacker exploits IE8 on Windows 7 to win Pwn2Own
Category : General 01 Apr 2010 07:53 AM | Industry News
"I started with a bypass for ASLR which gave me the base address for one of the modules loaded into IE. I used that knowledge to do the DEP (data execution prevention) bypass," Vreugdenhil said last week.
Address Space Layout Randomization (ASLR) helps prevent attackers from getting memory addresses to use in buffer overflow situations. Data Execution Prevention (DEP) helps to foil attacks by preventing code from running in memory that is marked non-executable. These defense-in-depth protections are designed to make it significantly harder for attackers to exploit vulnerabilities.
Defense-in-depth techniques work much like the features that let a fire-proof safe last longer in a fire. Without them, a fire-proof safe may only protect its contents for an hour or two. A stronger fire-proof safe with several defense-in-depth features still won't protect the valuables forever, but it adds significant time and protection to how long the contents will last.
Digital security conference and the renowned Pwn2Own contest. During that contest hackers attempt to bypass the defenses of some of the most popular applications while representatives from the companies that develop them sweat embarrassingly in the background.
The well-known name of Charlie Miller returned this year and took down Safari, a feat he has achieved three years running. Vincenzo Iozzo (of Zynamics) and Ralf-Philipp Weinmann (post-doctoral researcher at the University of Luxembourg) managed to bypass the iPhone OS security, and Peter Vreugdenhil hacked Internet Explorer 8. Firefox was taken down by Nils.
It’s important to note that the iPhone and IE8 hacks only managed to gain read access, not write access, limiting their effect but still allowing data theft. Also, Google will be happy to hear that no one even attempted to hack the Chrome browser.
If one of the hackers thought he had even a small chance of hacking Chrome, it would have been attempted. The kudos from being the first to do so at Pwn2Own is probably worth far more than the laptop and the cash.
There's more riding on Pwn2Own than the cash. Reputations are made at the contest; last year, for example, researcher Charlie Miller made headlines when he broke into a Mac in less than five seconds to win $5,000.
The contest is also important to vendors. Apple, which has watched Miller break into a Mac twice in the last two years -- Miller will be at Pwn2Own again trying for a "three-peat" -- patched 16 vulnerabilities, 12 of them critical, in Safari, possibly as a preemptive measure before the contest.