Follow Naijacrux on twitter .follow us on Twitter www.twitter.com/naijacruxonline, or @naijacruxonline or search for naijacruxonline on twitter!!Like us on facebook .Like us at www.facebook.com/Naijacruxforum.Click Here To Last longer In Bed[Stay amused>>>Don’t be a one minute Foul]>>> Love need Tips-See how Here


Author Topic: White Hat Hackers Pawned Microsoft Edge and Apple’s Safari  (Read 1079 times)

0 Members and 1 Guest are viewing this topic.

Offline internet police

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1830
  • Karma: +0/-0
  • do not spam this forum
White Hat Hackers Pawned Microsoft Edge and Apple’s Safari
« on: March 16, 2018, 12:29:43 AM »
Loading...
Microsoft’s and Apple’s browsers have been targeted by white hat hackers at the Pwn2Own 2018 competition, and both applications were breached during the first day of the event.

Researcher Richard Zhu, also known as fluorescence, as well as Samuel Groß (saelo) targeted Apple’s Safari, but the first failed to breach the browser with a sandbox escape after not getting his exploit working within the time allotted.

On the other hand, saelo, who is a member of the phoenhex team, pwned Safari with a macOS kernel EoP (Elevation of Privilege) and used a three-bug chain for his attack. This attack was rewarded with $65,000.

After failing to exploit Safari, Richard Zhu also targeted Microsoft Edge with a Windows kernel EoP and used two UAFs in the browser combined with an integer overflow in the kernel to breach the browser. He earned $70,000 following this successful exploit.

Also on the first day of the event, Niklas Baumstark (_niklasb) from the phoenhex team targeted Oracle’s VirtualBox, but he managed just a partial hack, so he was rewarded with $27,000.

Browser security
While these hacks could make people believe that Microsoft Edge and Safari aren’t the most secure browsers, it’s important to know that all exploits are based on very complex attacks that are then privately disclosed to the parent companies for fixing.

Users are thus not exposed in any way, with developing firms typically shipping security patches addressing the exploited vulnerabilities shortly after Pwn2Own.

Microsoft uses the high level of security offered by Edge as one of the main catalysts to convince more users to give it a try, especially since it’s bundled as the new default in Windows 10.

On the other hand, such efforts have failed until now, as Microsoft Edge is only used by approximately 5 percent of the users worldwide as their daily driver, according to third-party data. Google Chrome is the number one browser with more than 60% share.



 

Microsoft Details why Windows 10 is the Most Secure Windows Ever

Started by yungcrux

Replies: 0
Views: 1190
Last post November 14, 2016, 05:32:47 AM
by yungcrux
Microsoft reveals Windows 10 Breaks All Records, Is the Best Windows Ever

Started by newspostng

Replies: 0
Views: 906
Last post July 01, 2016, 01:28:33 AM
by newspostng
Windows 7, Windows 8.1 Receive New Monthly Updates from microsoft

Started by lindaikeji

Replies: 0
Views: 9141
Last post July 13, 2018, 12:15:43 AM
by lindaikeji
Microsoft Admits forceful installation of Windows 10 on Windows 7/8 Users

Started by yungcrux

Replies: 0
Views: 1089
Last post November 13, 2015, 08:12:42 PM
by yungcrux
Microsoft To Launch Windows 10 Timeline Feature "Soon"

Started by lindaikeji

Replies: 0
Views: 979
Last post November 29, 2017, 07:34:20 AM
by lindaikeji
Microsoft Updates Android Browser with Picture-in-Picture Mode

Started by punch

Replies: 0
Views: 10264
Last post March 01, 2019, 06:39:59 AM
by punch
Apple Releases iOS 11.0.1 with Bug Fixes

Started by internet police

Replies: 0
Views: 916
Last post September 27, 2017, 03:07:53 AM
by internet police
Microsoft Sue Over Windows 10 Upgrade,User demands Windows 7 Back or $600M

Started by admin

Replies: 0
Views: 1107
Last post February 16, 2018, 12:35:41 AM
by admin
Microsoft launched ?Send,? an Email Client for iOS, Android version coming soon

Started by internet police

Replies: 0
Views: 1163
Last post July 22, 2015, 10:45:11 PM
by internet police
Microsoft accused of using dirty tricks to force upgrade customers to Windows 10

Started by newspostng

Replies: 0
Views: 1189
Last post May 25, 2016, 12:48:59 AM
by newspostng