The Microsoft browser proved to be the least secure at Pwn2Own 2017, where he was washing five times in three days.
Hard times for Microsoft Edge, the modern browsers pre-installed on Windows 10. After more than a year and a half after its launch to the public Edge has only 5% of the market share, and in recent days has been targeted during the Pwn2Own hacking competition, in which different groups and security experts have tried to ” pierce ” the software at their disposal for purposes ” benevolent “. By discovering bugs and demonstrating the exploit, developers can correct the flaws.
At Pwn2Own 2017, it was just Microsoft Edge Browser less safe as a victim of the increasing number of exploits. The new modern software for web browsing has been hacked at least five times in three days, often targeting the Chakra JavaScript engine.
Chrakra it was the responsible for most of the hacks suffered by Edge, while in one case the security team 360 Security was able to perform a ” virtual machine escape ” through the browser.
This is due to the exploitation of multiple vulnerabilities, not all related to Edge: a heap overflow bug in the browser, an uninitialized buffer in VMWare Workstation, and a bug in the Windows kernel. With this one exploits the 360 Security team was able to take home a prize of 105 thousand dollars. Across Safari, the browser for Mac, has been breached three times, plus a partial exploit. Situation not exactly thriving not even for the Apple software.
Two hacks instead tempted Mozilla Firefox, although only one has been successful in competitions of Pwn2Own 2017. For having behaved flawlessly side browser was Chrome: just an attempt of aggression has been done on the Google software, but the expert team failed to complete the exploit within the time specified for the competition. At the moment, we do not know if this attack could pose a danger to users of the Big G. browser.