Security firm finds two zero day IE10 Windows 8 exploits

Internet Explorer 10 running on Windows 8 is apparently open to at least two exploits that can be used to hijack the OS from its owners. That's the new claim from a French computer security firm who says it found the two zero day flaws in IE10 as part of a hacking conference.

The company, VUPEN Security, posted its claim on its Twitter account today. It said:

The company found the IE10 security holes as part of its participation in the The Pwn2Own hacking competition, part of the CanSecWest conference in Vancouver. The same security firm also found an exploit in Mozilla's Firefox that allowed the team "to bypass ASLR/DEP on Win7 without the need of any ROP.” In this case, the flaw was opened in part from a new method that will apparently remain in the hands of VUPEN.

VentureBeat reports that another security company, the UK-based MWR Labs, managed to break into Google's Chrome web browser to hijack Windows 7. The firm won $100,000 in the competition from HP’s DVLabs. Both MWR and VUPEN gave the information they gathered from their successful hackiing of those browsers to Microsoft, Google and Mozilla, all of which will likely release patches to close those holes soon.

Source: VUPEN on Twitter

Report a problem with article
Previous Story

From The Forums: Neowin member runs Android on Surface Pro

Next Story

"iWatch" could come with iOS and make Apple $6 billion a year, says analyst

18 Comments

Commenting is disabled on this article.

"VentureBeat reports that another security company, the UK-based MWR Labs, managed to break into Google's Chrome web browser to hijack Windows 7. The firm won $100,000 in the competition from HP's DVLabs"

Hmmm... but according to Google Chrome's Twitter feed (@googlechrome) "Thanks for another great #Pwnium at #CanSecWest! No winning entries but we're evaluating work that may qualify as partial credit-stay tuned!"

...which would give the impression that Chrome wasn't successfully hijacked.

GreatMarkO said
...which would give the impression that Chrome wasn't successfully hijacked.

No, it was, but Google has very high standards. So, MWR were able to execute arbitrary code in the renderer process but were trapped inside the sandbox. So they used a flaw in Windows to escape the sandbox. That's all that's required of you in the Pwn2Own contest.

For Google to count it, it can only use vulnerabilities in Google's code.

Pwnium at CanSecWest is another competition that Google run independently of pwn2own at the conference. So there statement may well be true.

Considering everyone in the field would understand what that means, I see no problem. Call it "unprofessional" if you want, but our language is evolving every day.

Snowknight26 said,
The name of the conference is Pwn2Own so that is an appropriate response.

To be precise, that's the name of the competition. The name of the conference is CanSecWest.

should've spread the technical finding to the wild, to force browser vendor to accelerate browser updates to 1 updates / day.

Torolol said,
should've spread the technical finding to the wild, to force browser vendor to accelerate browser updates to 1 updates / day.

and this logic make sense to you?

Enron said,
Yeah but can you get around sandbox AND Norton?

Its a matter of time before Symantec releases the Norton source code xD,

javagreen said,

Would be easy considering Norton on x64 doesn't protect against advanced attacks like code injection and keylogging, among others.

Read more here : https://support.norton.com/sp/...741_N360_N360RET_2013_en_us


No, that tells me the components for configuring those categories isn't available in the 64bit version, doesn't say hat it doesn't protect against them. (Not saying it does, just that the material provided as source doesn't quantify your statement as correct).

Kami- said,

No, that tells me the components for configuring those categories isn't available in the 64bit version, doesn't say hat it doesn't protect against them. (Not saying it does, just that the material provided as source doesn't quantify your statement as correct).

That page is put up by Norton themselves, the maker and seller of said product. It's apparently very easy to understand that they really wouldn't openly state : "Sorry folks, our product doesn't cover that".

It's funny you fell for the "components for configuring those categories isn't available in the 64bit version" BS.