CanSecWest Pwn2Own: Would IE8 have been exploitable had the event waited one more day?

Published: 2009-03-24
Last Updated: 2009-03-24 01:19:30 UTC
by G. N. White (Version: 1)
1 comment(s)

 

"Safe" Internet web browsing experiences - a concept that tends to sometimes get overlooked when considering an assessment of our own personal (or corporate) Internet security posture.  The "Pwn2Own" event recently held at CanSecWest certainly raises suspicions as to how secure our web browser (of choice) may actually be in preventing us from becoming the next Negative Internet web browsing statistic - but due to the nature and rules of the event, none of the details for the winning methods and procedures get immediately released.

Ironically, in terms of the IE8 browser exploit, a bit of detail was noted for the winning method and procedure on the sponsor's DVLabs blog - "...a sleek exploit against IE8, defying Microsoft’s latest built in protection technologies- DEP (Data Execution Prevention) as well as ASLR (Address Space Layout Randomization)".

In reading the latest blog entry (March 23rd) on the Microsoft Security Research & Defense website, it goes out of its way to hilite a specific statement:  "The final release of Internet Explorer 8 on Windows Vista blocks the .NET DEP+ASLR bypass mechanism from malicious websites on the Internet".

So this begs the question:  Had the organizers of the Pwn2Own event waited another day for the "Official" release of IE8 to become available, would IE8 really have been exploitable?

G.N. White

ISC Handler (Because timing really matters!)

 

1 comment(s)

Comments

I look forward to hearing details of the Pwn2Own exploits. I'd like to know if additional, paranoid security measures could have prevented the exploits (eg. by disabling JavaScript or ActiveX, not installing certain plugins, etc.).

Diary Archives