Posts Tagged ‘Security’

IE8 just launched and immediately hacked

Friday, April 10th, 2009

The final code for the Internet Explorer 8 by Microsoft was introduced recently. This was hacked by a researcher from Germany in the PWN2OWN contest eventually winning $5000 and a Sony VIAO laptop. Nils is a student of computer science from Germany. He ruined into Sony in just a few minutes by taking benefit of an undisclosed weakness in the new Internet Explorer 8. Tipping point was the sponsor of this hacking contest. The laptop used by the researcher was running on the Microsoft internal build for the Windows 7. IE8 is the final version of Microsoft which can be used for Windows Vista, XP, as well as Server 2003 and 2008. It has been tagged as the final edition to their Windows 7. The version has not yet been unconfined to the public.
Microsoft conducted the hacking contest to find out the bug and deal with it. This has helped them to build a more secure and safe Internet Explorer which is hacker free. There are situations when some vulnerability arises during the product development which will obstruct the release of the product. Microsoft wanted to evaluate any vulnerability which existed in the new Internet Explorer 8. Tipping point has bought these vulnerabilities and its rights and has awarded a cash prize to the hacker who cracked IE8. This helps in knowing about the low points of the browser and makes the necessary changes. Microsoft was brought down to ground zero by the hacker who hacked through the product even before its release. Microsoft just watched how a researcher from Germany hacked through their system and went away winning a cash prize and a laptop. Nils only took five minutes to hack through the all new IE8. Tipping Point has handed over all the codes and details to the operation manager Mike Reavey of Microsoft Security Research Center. Reavey was at CanSecWest where the security conference of PWN2OWN was being held.
The code was taken back to the company and it has been filed as a bug. It is said to be a real winner story for Tipping Point as well as Microsoft who had the chance to interact with Nils and know more about the problem. The bug has been reproduced in the labs of Microsoft and they are working to make IE8 more foolproof. The vulnerability has not yet been confirmed by Microsoft. After the vulnerability will be confirmed, Microsoft has claimed to take necessary action to protect all its customers. It is said that the build which was used in the contest is not original RTW build that was released. Nils after successfully hacking the IE8 has moved to the Safari browser by Apple Inc and the Mozilla Firefox. He has successfully attacked both these codes which he created earlier. Nils gathered total prize money of $15,000 by hacking some of the popular internet browsers. The contest opened up new avenues for Microsoft, Mozilla and Apple to make their internet browsers foolproof.