You've got to love hacker conferences. Software vulnerabilities are never going away, that much is obvious, but it's with competitions at hacker conferences where we can really see just how vulnerable the software we use every single day is. Putting this into perspective, prior to the Pwn2Own conference in Canada, Google patched-up ten bugs in Chrome - six of which were considered severe. Despite that, Chrome was hit with a zero-day during the conference that granted code execution in the browser's sandbox renderer process.
Chrome is hardly the only guilty party, however. Equally-severe exploits were presented for IE 10 under Windows 8, IE 9 under Windows 7, Firefox under Windows 7 and Safari under OS X Mountain Lion. Aside from browsers, Adobe's Flash and Oracle's Java also had some flaws demonstrated. Ironically, despite the sheer number of bugs creeping through the cracks for Java lately, the bounty on its exploit was only $20,000. By comparison, $100,000 was being offered for breaking Chrome under Windows 7.
For the hackers, these exploits have paid off handsomely, but fortunately for the rest of us, the execution specifics are going into lock-down, and the victim companies will be worked with privately to get the issues patched up.
|EVGA Greets GeForce GTX 980 & 970 Launch...||8|
|Acer Announces 28-Inch XB280HK Monitor...||7|
|New Radar Gun Technology Will Allow...||7|
|Rattle and Hum: U2 And Apple Working On...||4|
|Review: NVIDIA's GeForce GTX 980 And...||4|
|Destiny Pulls In $325 Million Worldwide...||4|
|Xbox One Game Controller Coming To...||4|