Mozilla Firefox Most Exploited Browser At Pwn2Own 2014 Event
Security researchers participating in the event were able to exploit vulnerabilities in Firefox three separate times on the first day of the event, plus one more time on the second day. That brought the tally to four, which is more than any of the other browsers. The good news for Firefox fans is that Mozilla is typically quick to patch zero-day exploits in Firefox, which is on a rapid release schedule.
Security researcher Mariusz Mlynski demonstrating exploit on Mozilla Firefox. Source: Pwn2Own
"We are working quickly to address each of these bugs and expect to deliver fixes next week," Sid Stamm, senior engineering manager of security and privacy at Mozilla, told eWEEK.
Stamm also said that the risk of Firefox users being compromised from any of the four zero-day bugs within the next couple of days is pretty low, so there's no need to hit the panic button. As to why Firefox was exploited more than the other browsers during the event, Stamm believes it comes down to money. Even though Firefox has a bug bounty program of its own, Pwn2Own pays larges sums of money -- each Firefox flaw was worth $50,000 -- which may have prompted security researchers to hold off on sharing previously discovered exploits until the event.