Microsoft’s browser folks have to hate when Pwn2Own rolls around every year. It’s not that unusual for every browser to get hit with a nasty zero-day exploit, but it seems like Microsoft leads the pack, year after year after year. Some of this had to do with the aging nature of legacy Internet Explorer. Even in IE11, which had some limited sandboxing capabilities, it just seemed to be perpetually bullied by the security community.
Obviously this isn’t just the fault of the Edge browser, but the headlines all lead with it anyway. Still, the point of the entire competition make a competition out of bug bounties, and the good thing is that this should soon be patched to avoid it all together.
Still, the idea of gaining host access from a virtualized browser is just about a nightmare scenario.
Ars Technica comments:
- Windows 10 S and Ransomware - June 23, 2017
- Cloud Extensions, DevOps Models, and Playing with GUIs on Docker with Gestalt Cloud News 17.6 - June 22, 2017
- AMD’s Future in Servers: New 7000-Series CPUs Launched and EPYC Analysis - June 22, 2017
- PCIe versus Ethernet in a Composable System - June 22, 2017
- Managing Your IT Career – The On-Premise IT Roundtable - June 20, 2017
- Wavebox: All Your Web Apps Are Belong To Us - June 16, 2017
- Excelero’s NVMesh Magic - June 14, 2017
- A Quick Look at LinuxKit Packaging System - June 14, 2017
- Advice to Vendors: Know Your Identity - June 9, 2017
- QNX Gets Containers - June 8, 2017