Skip to main content

Microsoft Edge browser fails to fend off five attacks at Pwn2Own hacking event

exploit
Image used with permission by copyright holder
One of the premier hacking contests is Pwn2Own, where security teams get together and see if they can break into the leading operating systems and web browsers. The 2017 version of Pwn2Own is now in the past, and Microsoft’s Edge is the loser.

Edge is an important browser for Microsoft, representing the next generation of Windows web browser that’s intended to take over from Internet Explorer. Microsoft has touted Edge as safer than Google’s Chrome and Mozilla’s Firefox, but Pwn2Own has thrown that assertion into doubt, as Tom’s Hardware reports.

At last year’s event, Chrome took home the prize by only suffering from one partial hack. Edge was in second place with two hacks, which edged out (no pun intended) both Microsoft’s own Internet Explorer and Safari. This year, on the other hand, Edge was hacked a full five times, due to a number of vulnerabilities in systems ranging from the Chakra Javascript engine to a bug in the Windows kernel.

By far the worst hack, however, was an exploit by the 360 Security team that actually managed to escape a virtual machine and attack its host, which had never happened at Pwn2Own. This kind of attack is particularly troublesome, given that one of the very reasons for running a virtual machine is to sandbox an environment and keep host machines safe.

The 360 Security team netted a cool $105,000 for the exploit. Other prizes included $80,000 for Team Ether’s Chakra exploit and $55,000 for Team Lance’s Windows kernel elevation hack. Of all the browsers, Edge was the most lucrative in terms of money awarded.

Safari was a bit more secure than Edge, with three hacks including one that provided root access to MacOS. Firefox made its way back to Pwn2Own after a yearlong hiatus, and its newly implemented sandbox technology helped it take second place with just two successful hacks. Chrome was again the event’s most secure browser, without a single successful hack against it and only one attempt.

While Pwn2Own doesn’t make any real attempt at fairness by ensuring that every browser is attacked an equal number of times, it’s obvious that Microsoft still has some work to do with Edge. Given its prominence in Windows 10, and the company’s commitment to making its latest OS the most dominant desktop environment ever, Edge needs to live up to Microsoft’s billing as the safest browser if it’s going to gain in market share.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Tesla Model 3 vulnerability exposed at Pwn2Own; hackers take home the car
Tesla Model 3

A pair of security researchers who revealed a security issue for the Tesla Model 3 at the annual Pwn2Own hacking event were able to win the electric vehicle as their prize.

This is the first time that an automaker participated in Pwn2Own, which is run by Trend Micro's Zero Day Initiative and is in its 12th year. Tesla made the Model 3 available to hackers in the competition to look for vulnerabilities in the electric vehicle's system.

Read more
This HP laptop can last for up to 15 hours, and it’s $300 off
HP Dragonfly Pro front angled view showing display and keyboard deck.

If you're always using your laptop while on the go, you may want to consider buying the long-lasting HP Dragonfly Pro, which will be able to accompany you through your whole day. It's currently on sale from HP with a $300 discount that slashes its price to $1,100 from $1,400, but if you're interested, you need to be quick with your purchase. That's because we're not sure if the offer will still be around tomorrow, so if you don't want to miss this bargain, you should complete the transaction as soon as you can.

Why you should buy the HP Dragonfly Pro laptop
Unlike some laptops that will only last for a few hours when they're unplugged, the HP Dragonfly Pro's battery can last up to 15 hours on a single charge, so it will be able to accompany you through your whole day at work or school even when you're always on the move. If you need to recharge, just 30 minutes of charging will replenish about 50% of its battery. The laptop is also extremely portable with its 14-inch WUXGA display and weight of just 3.4 pounds, so it won't be a hassle to carry with you.

Read more
6 laptops you should buy instead of the MacBook Air
The Dell XPS 13 Plus on a table outside.

Apple's MacBook Air M2 is one of the best laptops. It's been holding down the fort in the 13-inch laptop class that's slowly being superseded by 14-inch machines. It's incredibly thin while still providing solid performance, superior battery life, and an excellent visual and audio experience. It's a hard laptop to beat if you're OK with macOS.

But Windows remains the dominant platform, so anyone needing a Windows laptop has some excellent alternatives. You'll spend around the same price, and you'll get excellent performance, decent battery life, and in some cases, even superior displays. Here are six laptops that you should buy instead of the MacBook Air.
Dell XPS 13 Plus

Read more