Safari, Mozilla Firefox, Microsoft Edge Successfully Hacked at This Year’s Pwn2Own Event

April 3, 2018

This year's Pwn2Own competition for white-hat hackers took place just a few days ago, and the three browsers Mozilla Firefox, Safari, and Microsoft Edge were the favorite targets of the participants. All three browsers were successfully compromised during the two days of the contest, so users should watch out for updates. The vulnerabilities exploited during the demonstration attacks have been reported privately to the companies that own the browsers, which should already be working on patches.

During the first day of the event, Richard Zhu attacked Mozilla Firefox using a Windows kernel Elevation of Privilege (EoP) exploit, which chained an integer overflow in the Windows kernel with an out-of-bounds (OOB) write in the browser. He breached Firefox on his first attempt, earning a prize of $50,000 for this particular attack and a total of $120,000 for his entire participation in this year's Pwn2Own competition.

Other participants were less successful, as the rules required a working exploit to be demonstrated within a maximum of three attempts. The next browser on the list was Safari, targeted by Nick Burnett, Markus Gaasedelen, and Patrick Biernat. The three white-hat hackers managed to breach Safari using a macOS kernel EoP; however, because they only succeeded on their fourth attempt, they were not eligible for a prize. The bug that allowed the breach was nevertheless submitted to Apple, and the company is expected to push an update with a fix soon.

Apple's browser was hacked more quickly by another team of white-hat hackers who used a different approach. Georgi Geshev, Alex Plaskett, and Fabi Beterke compromised Safari through a sandbox escape that combined an uninitialized stack variable in the Mac operating system with a heap buffer underflow. This chain gave the hackers code execution and brought the attack to a successful end; the team earned $55,000 for that breach. Patches for the exploited vulnerabilities should be included in the next patch cycle of each affected company.
