Internet Explorer 11 Exploited In Pw2Own Hacking Contest

Internet Explorer 11

The annual Pwn2Own hacking contest gives prizes to people who successfully hack popular web browsers. This year’s event took place at the usual venue: Vancouver’s CanSecWest security conference. Hewlett-Packard’s Zero Day Initiative Program sponsored the contest.

A look at the Pwn2Own contest

The hacking contest pits researchers against the latest versions of top four browsers. The contest is to see if web-based attacks can properly execute rogue code in underlying systems. This year’s winner is JungHoon Lee, who successfully hacked Internet Explorer 11 and Google Chrome on Microsoft Windows. He also hacked Apple’s Safari on Microsoft Windows.

Lee also won a total of $225,000 in prize money. This total does not include the brand new laptop computers he got to keep after exploiting the flaws. His attack on Chrome garnered him the largest payout for a single exploit in the entire history of the competition. It includes $75,000 for the bug, $25,000 for privilege escalation and an additional $10,000 for hitting the beta version of the browser.

Lee’s Internet Explorer exploit earned him an extra $65,000  and the Safari hack earned him $50,000. Perhaps the most remarkable thing about Lee’s exploits is that he worked alone rather than in a group unlike most of the researchers in the competition.

An impressive hack on Internet Explorer 11

One group of hackers that goes by the name of 360Vulcan Team, broke into Internet Explorer 11 in just 17 seconds. That is quite a feat considering IE 11 comes with an enhanced sandbox, 64-bit process, EMET and security mechanisms of 8.1. The team bypassed all those measures a very short amount of time, and it shows just how vulnerable the browser is even with all the extra “protections”.

A majority of the hacks at this year’s Pwn2Own required changing of multiple vulnerabilities together to bypass all the defense mechanisms originally put in place by browsers to prevent remote code executions.

For exclusive info on hedge funds and the latest news from value investing world at only a few dollars a month check out ValueWalk Premium right here.

Multiple people interested? Check out our new corporate plan right here (We are currently offering a major discount)

About the Author

Anna Peel
Anna Peel is a professional writer. In the past four years, she has written for many websites including BSC Kids, Wasabi Media Group, Boomtron, and many others. She currently live in Savannah, Georgia and occasionally blogs about fashion during her free time.

Be the first to comment on "Internet Explorer 11 Exploited In Pw2Own Hacking Contest"

Leave a comment