An anonymous reader writes: The Pwn2Own competition is underway at the CanSecWest conference in Vancouver, and during the first day of competition Java, IE 10, Firefox and Chrome were successfully "pwned" by various competitors, bringing them tens of thousands of dollars in prizes. French security firm Vupen got most of the money, as their team managed to compromise: IE 10 on Windows 8 with two zero-days and achieved a full Windows 8 compromise with sandbox bypass; Firefox 19 on Windows 7 by using a use-after-free vulnerability and a brand new technique to bypass ASLR/DEP protection on Windows 7 without the need of any ROP (Return-oriented programming); Java on Windows 7 by using a same unique heap overflow as a memory leak to bypass ASLR and as a code execution.
#NetNeutrality is STILL in danger - Click here to help. DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×