Microsoft Responds to 2 Minute IE8 Hack.

[JMH]

At the annual Pwn2Own contest, IE8 was hacked in less than two minutes on a fully-patched 64-bit Windows 7 installation by Peter Vreugdenhil who bypassed ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention). This allowed him to run any process on a computer that visited a website which launched his malicious code, as he had complete access to an interactive shell.

Now Microsoft has responded to the incident, saying that IE8 has “some of the best safety and privacy features available today:”

Protecting Windows customers is an absolute priority for the Internet Explorer engineering team. That’s why we work hard to make sure our browser has some of the best safety and privacy features available today. We’ve spent a lot of time talking about some of the more visible safety and privacy features like our SmartScreen Filter, that protects users from socially engineered malware and phishing attacks; or the InPrivate features that put you in control of how you share your information....................

Source -
Microsoft Responds to 2 Minute IE8 Hack | Windows 7 News

 

[FoxIX]

Very interesting. Micro$oft respond to a security hack by talking about all the security that the browser has. I think that this is going to be a case of "rats deserting a sinking ship". Not that I'm saying that the users of IE are rats of course, just using it as an analogy of how quickly people will be jumping to another browser, imho.

 

[helmutcheese]

Well it is the most secure Browser esp on Vista or Win 7 with UAC and IE Protection Mode.

If he could hack it in 2mins he could no doubt hack the others too, just they do not have the same amount of users to make it worth it same as Linux or Mac.

MS patched it at the end of the day, I will loose NO sleep over it.

 

[Capt.Jack Sparrow]

I think it's not IE its just the Hacker that is too good !!

- Captain