Microsoft Edge is the least secure browser at Pwn2Own, Chrome instead inviolate
The Microsoft browser proved to be the least secure at Pwn2Own 2017, where he was washing five times in three days.
Hard times for Microsoft Edge, the modern browsers pre-installed on Windows 10. After more than a year and a half after its launch to the public Edge has only 5% of the market share, and in recent days has been targeted during the Pwn2Own hacking competition, in which different groups and security experts have tried to ” pierce ” the software at their disposal for purposes ” benevolent “. By discovering bugs and demonstrating the exploit, developers can correct the flaws.
Chrakra it was the responsible for most of the hacks suffered by Edge, while in one case the security team 360 Security was able to perform a ” virtual machine escape ” through the browser.
This is due to the exploitation of multiple vulnerabilities, not all related to Edge: a heap overflow bug in the browser, an uninitialized buffer in VMWare Workstation, and a bug in the Windows kernel. With this one exploits the 360 Security team was able to take home a prize of 105 thousand dollars. Across Safari, the browser for Mac, has been breached three times, plus a partial exploit. Situation not exactly thriving not even for the Apple software.
Two hacks instead tempted Mozilla Firefox, although only one has been successful in competitions of Pwn2Own 2017. For having behaved flawlessly side browser was Chrome: just an attempt of aggression has been done on the Google software, but the expert team failed to complete the exploit within the time specified for the competition. At the moment, we do not know if this attack could pose a danger to users of the Big G. browser.