
Windows 7: CanSecWest Pwn2Own Victories

24 Mar 2010   #1

Windows 7 & Windows Vista Ultimate
CanSecWest Pwn2Own Victories

The big excitement at the popular CanSecWest Applied Security Conference in Vancouver, British Columbia, Canada is the Pwn2Own events. The take-downs, so far, from ZDNet:

Ryan Naraine posted on Twitter that "Nils" took down Firefox, also on Windows 7.

24 Mar 2010   #2

Windows 7 & Windows Vista Ultimate

Here's the Firefox report:

Pwn2Own hack topples Firefox on Windows
27 Mar 2010   #3

Windows 7 & Windows Vista Ultimate

Microsoft's response to the IE8 take-down:

Protecting Browsers with Defense In Depth Techniques - Windows Security Blog - The Windows Blog

In particular note the bolded part from the quote below. IOW, there will continue to be new exploits and all we can do is keep our defenses up.

Recently, there has been some news from some security researchers about how they've managed to bypass DEP or ASLR in Internet Explorer (and Firefox as well). But like the fire-proof safe example above, defense in depth techniques aren't designed to prevent every attack forever, but to instead make it significantly harder to exploit a vulnerability. Defense in depth features, including DEP and ASLR continue to be highly effective protection mechanisms.

02 Apr 2010   #4

Windows 7 & Windows Vista Ultimate

Mozilla released Firefox version 3.6.3 to fix the vulnerability Nils used at CanSecWest.

Release Notes

Security Advisory
Title: Re-use of freed object due to scope confusion
Impact: Critical
Announced: April 1, 2010
Reporter: Nils (MWR InfoSecurity)
Products: Firefox

Fixed in: Firefox 3.6.3


A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint's Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.

Note: The contest winning exploit only affects Firefox 3.6 and not earlier versions. We will be patching Firefox 3.5 in an upcoming release just in case there is an alternate way of triggering the bug.
15 Apr 2010   #5

Windows 7 & Windows Vista Ultimate

It took Apple a while to patch the Pwn2Own bug -- although they were considerably faster this year at 21 days as compared to 55 last year.

Today, Miller confirmed that the vulnerability Apple patched was the one he used last month to earn a $10,000 prize. "That must be it," he said. "I haven't given them any other bugs."

In fact, Miller refused to divulge additional bugs he'd found in Apple's operating system during the conference, instead giving a presentation on how he used "dumb fuzzing" techniques to uncover more than 20 exploitable vulnerabilities in Adobe, Apple and Microsoft software. During the presentation, Miller argued that security is a "broken record," and said that it was more effective in the long run to simply show the companies how to replicate his work.

"What I can do is tell them how to find these bugs, and do what I did. That might get them to do more fuzzing," Miller said in a March interview. That, he maintained, would result in more secure software.
More at the source: Apple patches Pwn2Own bug - Computerworld
15 Apr 2010   #6

windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home

10 Lessons From The Pwn2Own Hacker Contest

The crux:
1. Dedicated Attackers Will Always Win
2. Google Chrome Survives: Most Secure? Nope
3. ASLR + DEP Bypass Puts Hackers Ahead
4. Despite Hack, IE 8 Most Protected Browser
5. iPhone Sandbox Model Not Enough
6. Apple Safari Still Easiest to Hack
7. Monetary Value of Vulnerabilities Still High
8. Mozilla Falls Short on Firefox ASLR Implementation
9. Respect The Fuzzer
10. Apple Desperately Needs an SDL Program
