This week, at the PwnFest 2016 contest held at the Power of Community security conference in Seoul, hackers compromised Microsoft Edge operating on Windows 10 Red Stone 1 and for the first time demonstrated how to hack VMware Workstation 12.5.1. without user interaction.
The security experts will report details of the attacks to vendors avoiding to disclose them before a fix will be released.
At PwnFest 2016, researchers from the Chinese security firm Qihoo 360 and South Korean security researcher JungHoon hacked in just 18 seconds the Windows 10’s Microsoft Edge web browser.
The hackers devised a method to launch system-level attacks that in the case of VMware hacks could be also performed remotely.
The researchers demonstrated a total of four hacks targeting the new Google Pixel running Android version 7 (Nougat), Adobe Flash via Microsoft Edge on Windows 10 Red Stone 1, and Apple Safari on MacOS Sierra.
The hackers earned $140,000 for the Windows Edge hacks, while Qihoo hacker team and Lee earned $150,000 for the hack of the VMware Workstation 12.5.1.
The Qihoo team confirmed to have spent six months to discover three vulnerabilities that were chained to hack the systems. The chained flaws including a possible use-after-free, confirmed out-of-boundary read, and out-of-boundary write exploits.
(Security Affairs – Microsoft Edge, hacking)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.