Edge, Microsoft’s most secure browser, got hacked at Pwn2Own

Madeleine Dean By: Madeleine Dean
2 minute read
microsoft edge hacked

Home » News » Edge, Microsoft’s most secure browser, got hacked at Pwn2Own

Microsoft has stated countless times that Edge is the most secure browser its engineers have ever created. However, white hat hackers recently proved otherwise.

Pwn2Own is the world’s best-known hacking contest where many hackers gather together and try to identify and exploit software vulnerabilities. At this year’s edition, software solutions such as Oracle VirtualBox, Microsoft Hyper-V Client, Chrome, Safari, Edge, Firefox, Adobe Reader, Microsoft Outlook, and many more were available for hacking.

The winner of the 2018 Pwn2Own edition is Richard Zhu, a hacker who managed to break through Edge’s and Firefox’s security barriers.

Richard returned to target Microsoft Edge with a Windows kernel EoP […] After his first attempt failed, he proceeded to debug his exploit in front of the crowd while still on the clock. His second attempt nearly succeeded, but the target blue screened just as his shell started. His third attempt succeeded with only one minute and 37 seconds left. In the end, he used two use-after-free (UAF) bugs in the browser and an integer overflow in the kernel to successfully run his code with elevated privileges.

Zhu was rewarded $120,000 for his results.

Microsoft should soon roll out a patch

The Pwn2Own contest was organized by Trend Micro’s Zero Day Initiative (ZDI). The company then offered vendor representatives more details about the exploits that hackers used during the competition.

However, these vulnerability details are not yet available to the public as vendors have 90 days at their disposal to issue the corresponding patches.

In other words, Microsoft should soon release a patch targeting these recently revealed vulnerabilities.

Speaking of vulnerabilities, Microsoft recently launched a new bug bounty program that rewards you $250,000 to find security issues in its programs.

For more information on how to protect your Windows 10 computer against the latest cyber security threats, check out the guides listed below:

Discussions

Next up

Windows 7 apps should work fine after Windows 10 upgrade

Matthew Adams By: Matthew Adams
2 minute read

Microsoft will stop supporting Windows 7 at the beginning of 2020. Then the software giant will stop releasing patch updates for Win 7. As such, […]

Continue Reading

What are the best tools to convert DVDs to MP4 files?

Vladimir Popescu avatar. By: Vladimir Popescu
Less than a 1 minute read

In the past, if you wanted to watch a movie at home, you had to use a clunky DVD player and the TV you had […]

Continue Reading

Surface Dial 2 could sport an interesting touch sensor

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

It seems like 2019 is going to be a busy year for the Surface team and Microsoft. The tech giant has the most interesting update […]

Continue Reading