Microsoft’s browser folks have to hate when Pwn2Own rolls around every year. It’s not that unusual for every browser to get hit with a nasty zero-day exploit, but it seems like Microsoft leads the pack, year after year after year. Some of this had to do with the aging nature of legacy Internet Explorer. Even in IE11, which had some limited sandboxing capabilities, it just seemed to be perpetually bullied by the security community.
Obviously this isn’t just the fault of the Edge browser, but the headlines all lead with it anyway. Still, the point of the entire competition make a competition out of bug bounties, and the good thing is that this should soon be patched to avoid it all together.
Still, the idea of gaining host access from a virtualized browser is just about a nightmare scenario.
Ars Technica comments:
- In Defense of Facebook’s “Protect” - February 15, 2018
- Tom Lyon – IT Origins - February 15, 2018
- Do You Want to Build a Cloud? Gestalt IT Rundown: February 14, 2018 - February 14, 2018
- AI and Machines That Think They Can Think - February 14, 2018
- Docker for Home Automation - February 13, 2018
- The Cheapest PC Is Now More Expensive and Worse - February 13, 2018
- What’s Next for Infrastructure in a Post-Meltdown Reality? - February 13, 2018
- The IT Differentiation Dilemma – The On-Premise IT Roundtable - February 13, 2018
- Silent Keyboards, a Talk with Jack Daniel, and Cisco LIVES in Gestalt News 18.7 - February 12, 2018
- The Sound of Silence: MX Board Silent Review - February 12, 2018