Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft Edge browser fails to fend off five attacks at Pwn2Own hacking event

Mark Coppock
By

exploit
Image used with permission by copyright holder
One of the premier hacking contests is Pwn2Own, where security teams get together and see if they can break into the leading operating systems and web browsers. The 2017 version of Pwn2Own is now in the past, and Microsoft’s Edge is the loser.

Edge is an important browser for Microsoft, representing the next generation of Windows web browser that’s intended to take over from Internet Explorer. Microsoft has touted Edge as safer than Google’s Chrome and Mozilla’s Firefox, but Pwn2Own has thrown that assertion into doubt, as Tom’s Hardware reports.

Recommended Videos

At last year’s event, Chrome took home the prize by only suffering from one partial hack. Edge was in second place with two hacks, which edged out (no pun intended) both Microsoft’s own Internet Explorer and Safari. This year, on the other hand, Edge was hacked a full five times, due to a number of vulnerabilities in systems ranging from the Chakra Javascript engine to a bug in the Windows kernel.

Related

By far the worst hack, however, was an exploit by the 360 Security team that actually managed to escape a virtual machine and attack its host, which had never happened at Pwn2Own. This kind of attack is particularly troublesome, given that one of the very reasons for running a virtual machine is to sandbox an environment and keep host machines safe.

The 360 Security team netted a cool $105,000 for the exploit. Other prizes included $80,000 for Team Ether’s Chakra exploit and $55,000 for Team Lance’s Windows kernel elevation hack. Of all the browsers, Edge was the most lucrative in terms of money awarded.

Safari was a bit more secure than Edge, with three hacks including one that provided root access to MacOS. Firefox made its way back to Pwn2Own after a yearlong hiatus, and its newly implemented sandbox technology helped it take second place with just two successful hacks. Chrome was again the event’s most secure browser, without a single successful hack against it and only one attempt.

While Pwn2Own doesn’t make any real attempt at fairness by ensuring that every browser is attacked an equal number of times, it’s obvious that Microsoft still has some work to do with Edge. Given its prominence in Windows 10, and the company’s commitment to making its latest OS the most dominant desktop environment ever, Edge needs to live up to Microsoft’s billing as the safest browser if it’s going to gain in market share.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
4 CPUs you should buy instead of the Ryzen 7 7800X3D
AMD Ryzen 7 7800X3D sitting on a motherboard.

The Ryzen 7 7800X3D is one of the best gaming processors you can buy, and it's easy to see why. It's easily the fastest gaming CPU on the market, it's reasonably priced, and it's available on a platform that AMD says it will support for several years. But it's not the right chip for everyone.

Although the Ryzen 7 7800X3D ticks all the right boxes, there are several alternatives available. Some are cheaper while still offering great performance, while others are more powerful in applications outside of gaming. The Ryzen 7 7800X3D is a great CPU, but if you want to do a little more shopping, these are the other processors you should consider.
AMD Ryzen 7 5800X3D

Read more
Even the new mid-tier Snapdragon X Plus beats Apple’s M3
A photo of the Snapdragon X Plus CPU in the die

You might have already heard of the Snapdragon X Elite, the upcoming chips from Qualcomm that everyone's excited about. They're not out yet, but Qualcomm is already announcing another configuration to live alongside it: the Snapdragon X Plus.

The Snapdragon X Plus is pretty similar to the flagship Snapdragon X Elite in terms of everyday performance but, as a new chip tier, aims to bring AI capabilities to a wider portfolio of ARM-powered laptops. To be clear, though, this one is a step down from the flagship Snapdragon X Elite, in the same way that an Intel Core Ultra 7 is a step down from Core Ultra 9.

Read more
Gigabyte just confirmed AMD’s Ryzen 9000 CPUs
Pads on the AMD Ryzen 7 7800X3D.

Gigabyte spoiled AMD's surprise a bit by confirming the company's next-gen CPUs. In a press release announcing a new BIOS for X670, B650, and A620 motherboards, Gigabyte not only confirmed that support has been added for next-gen AMD CPUs, but specifically referred to them as "AMD Ryzen 9000 series processors."

We've already seen MSI and Asus add support for next-gen AMD CPUs through BIOS updates, but neither of them called the CPUs Ryzen 9000. They didn't put out a dedicated press release for the updates, either. It should go without saying, but we don't often see a press release for new BIOS versions, suggesting Gigabyte wanted to make a splash with its support.

Read more