Friday, 20 March 2015

Zero-Day Vulnerabilities In Flash, Windows, IE11 And Firefox Shown

During the Pwn2Own contest in Vancouver researchers have multiple zero-day vulnerabilities in Adobe Flash Player, Adobe Reader, Windows, Internet Explorer and Firefox demonstrated. The Pwn2Ownd contest is an annual event organized during the CanSecWest conference where researchers and the safety of popular browsers, and browser plug-ins can be tested.

In total on the first day of the event three vulnerabilities in Adobe Reader, three vulnerabilities in Adobe Flash Player, three vulnerabilities in Windows, two vulnerabilities in Internet Explorer 11 and two leaks in Firefox displayed. Through the vulnerabilities could allow an attacker full control of the computer without user interaction is much here for required. This involves visiting a hacked or malicious Web site or open a malicious PDF file.

None of the demonstrated vulnerabilities A security update is available, so there is zero-day vulnerabilities. However, the Pwn2Own rules state that only details may be shared with the organization. Which will then inform the relevant suppliers. Only after a security update is available researchers may publish details of the vulnerabilities.

In total, the researchers for their leak 317,500 dollars , which researcher Nicolas Joly dragging $ 90,000 knew inside. The Keen Team, consisting of several researchers, however, managed to leak in Adobe Flash Player and Adobe Reader, as well as bugs to earn the rights to increase Windows, totaling $ 140,000. Later today , various researchers are trying to re-hack Firefox and IE but there are now planned attacks on Google Chrome and Apple Safari.

No comments:

Post a Comment