Jump to content

Recommended Posts

Posted

Edge came off as the least secure browser at the Pwn2Own hacking event, being compromised more times than any other – pretty embarrassing for Microsoft given that the software giant has spent a lot of time talking up Windows 10’s browser on the security front.

The hacking extravaganza held at the CanSecWest security conference, which aims to find critical bugs and flaws so they can be patched, saw Edge being successfully exploited no less than five times (making a far worse account of itself than last year, when it was only hit twice).

Successful hacks leveraged against Microsoft’s browser included efforts using vulnerabilities in the Chakra JavaScript engine, and a major exploit which utilized a heap overflow bug (in combination with other tricks) to pull off a ‘virtual machine escape’.

In other words, the ethical hackers in question managed to escape the confines of a virtual machine to attack the host system it was running on – something that has never before happened at Pwn2Own.

As Tom’s Hardware reports, a team called 360 Security pulled this one off, and netted a cool $105,000 (around £85,000, AU$135,000) for doing so.

Chrome’s security dome

Microsoft Edge ended up being the worst browser in terms of getting hacked, then, but which was the most secure? As with last year’s Pwn2Own, it was Google’s Chrome, which wasn’t hacked at all; an impressive result indeed.

Firefox was beaten once, and Safari was compromised 3.5 times – the ‘half’ being a partial success (it was judged thusly because the bug in question had already been fixed in a beta version of the browser).

Safari didn’t do so well, then, and as we saw at the end of last week, hackers also used Apple’s browser as a route to flash up a message on the new MacBook Pro’s Touch Bar.

Even so, it still did better than Edge.

As we already mentioned, Microsoft is hardly going to be happy about this, particularly given that in recent times it has been hyping Edge strongly on the security front.

We’d be very surprised if a concerted effort isn’t made to ensure that the browser improves its performance and doesn’t finish in last place at next year’s Pwn2Own.

rbIzjNMQHMc
Posted

Saw it today also, MS loosing its Edge:P

And Win10 forcing down updates, figures why now. MS claiming that Win7 etc being insecure in my ...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.