Hacker Compromises Microsoft’s Windows 10 Browser in Just 18 Seconds
Homehackingmicrosoft

Hacker Compromises Microsoft’s Windows 10 Browser in Just 18 Seconds

SHARE:

Twitter Facebook Google Pinterest
0 0 Comments Friday, 11 November 2016 Edit this post
Info!Microsoft Edge was hacked twice at this year’s PwnFest

Microsoft Edge, which the Redmond-based software giant praised on several occasions for its high level of security, was hacked twice at PwnFest, with one of the attacks being successfully completed in no less than 18 seconds.
Security experts from Chinese firm Qihoo 360 managed to steal the show after they managed to break into Microsoft Edge and WMware Workstation without user interaction, The Register is reporting.

In the case of Microsoft, there were two successful exploits, both of which were based on SYSTEM-level code execution in the browser. One of the vulnerabilities was exploited by a security researcher team at Qihoo 360, while the other one was discovered by South Korean hacker Lokihardt, who managed to break into the browser in just 18 seconds.

Their efforts were rewarded with $140,000, but details of the exploits were submitted to Microsoft in order to patch them and prevent other successful attempts in the future.

According to the same report, a Qihoo team also managed to hack VMware Workstation 12.5.1 and received an award of $150,000 for discovering the exploits.

Patch Tuesday fixes

 Microsoft has already patched some security flaws that the hackers planned to use in their exploits and the company will most certainly do the same with the other ones that allowed the hackers to break into the browser, but given that details have been shared privately, no user is put at risk in the meantime.

For example, the November 2016 Patch Tuesday rollout brought us MS16-129, which is a cumulative security update for Microsoft Edge that blocks Remote Code Execution flaws, and likely some of which were supposed to be used at PwnFest (although exploiting them requires user interaction, whereas hackers’ attempt didn’t involve such a thing).

“This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights,” Microsoft explains.

The bottom line here is that there’s no hackerproof software out there no matter the developing company and this is why it’s always critical to run up-to-date applications on your computer.



SHARE:

Twitter Facebook Google Pinterest

RECOMMENDED FOR YOU

Windows 10 Displaying Edge Browser Ads in the Taskbar when using Google Chrome

Microsoft Makes Windows10 Updates Smaller And Faster With New OS Feature

Windows Phone has nearly Disappeared Research Shows

Google Discloses Bug that makes all Windows users Vulnerable,Angers Microsoft

Microsoft Worker arrested for child pornography after the company turned him in

Microsoft Surface Studio PC Full Technical Specifications

Name

2016,2,2017,1,360degree,1,360video,1,4k,1,5g,1,8K,1,A series,1,account,2,adobe,1,ads,2,aerial,1,altaba,1,ambassador,1,andriod,30,android,2,antivirus,3,Apple,53,apple watch,1,Apps,34,appstore,1,arrest,1,assassin creed 3,1,atm,1,attack,3,audio,1,backdoor,1,backup,1,ban,3,bank,4,battery,4,best of 2016,2,beta,1,bitcoins,1,bittorrent,8,block,1,bluetooth,1,britney spear,1,browser,8,business,2,bypass,1,callofduty,1,camera,1,cars,1,cash,1,cellebrite,1,CES2017,3,charge,1,china,2,chrome,2,CIA,1,cocacola,1,commandprompt,1,complaint,1,connection,2,copyright,2,cortana,1,crash,1,crime,3,cyanogen,1,cyberlocker,1,D-link,1,darkweb,1,dash charge,1,database,1,databeach,5,ddos,6,deadpool,1,death,1,dell,2,denuvo,1,design,1,desktop,1,dji,1,dmca,2,dns hijacking,1,domain,1,doom,1,download,1,downloader,2,drone,3,durable,1,dvdvideosoft,1,edge,1,eset,1,ex.ua,1,expert,1,explode,3,exploit,1,extratorrent,2,facebook,11,fake,3,fbi,1,FDA,1,findmyiphone,1,fireEye,1,firefox,2,FTC,1,g6,1,gadget,11,galaxy A5,1,galaxy A7,1,galaxy C5,1,game,19,game of throne,1,gaming,2,Gear s2,1,Gear s3,1,giveaway,1,google,28,google playstore,1,hacker,5,hacking,75,hangouts,1,history,1,htc,1,htc 10,1,huawei,3,hyperloop,1,illegal,3,imax,1,imessage,1,improvement,1,india,3,information,1,inspire2,1,instagram,3,intel,1,internet,19,ios,28,ios 10.2,1,iphone,33,iphone 7s,1,iphone6,4,iphone6plus,3,iphone6s,4,iphone7,2,iphone7plus,3,japan,1,kapustkiy,1,kaspersky,3,keyboard for andriod,1,kickass,1,killer,1,laptop,1,latest,13,leak,11,lg,2,limes audio,1,linkedln,2,linux,3,live video,1,lottery,1,lynda,1,mac,1,macbook,5,malware,10,medical report,1,microsoft,43,money,1,monitor,1,movie,1,Music,5,nasa,2,navy,1,netflix,4,network,1,news,2,nintendo,2,noaa,1,nokia,4,nokia 6,1,north korea,1,note5,1,note7,5,nougat,7,nsa,1,office,1,oneplus,4,oneplus 3,1,oneplus 3T,1,oneplus4,1,online,1,os,5,ourmine,2,pacemaker,1,password,2,patch,1,pc,2,periscope,1,photography,2,picture,1,piracy,7,pirate,6,pirate bay,6,pixel,6,pixel xl,1,pizza,1,playstation,4,playstore,3,pokemon go,1,police,1,powershell,1,prisma,1,prison,1,privacy,2,project Valerie,1,Projector,1,protection,1,prototype,1,putlocker,1,qualcomm,1,ransomware,2,raspberrypi,1,rating,1,razer,1,recall,6,red star,1,redstone,1,refund,1,remove,1,rename,1,review,2,rumors,4,russia,7,s6,1,s6edge,1,s7,1,s7edge,2,samsung,27,satelite,1,searchengine,1,security,34,selfie,1,server,1,shadow broker,1,shutdown,8,siri,1,skippable,1,skype,1,smartphone,101,socialnetwork,11,software,1,sony,5,space,2,sqlinjection,1,stolen,1,supercomputer,1,supermario run,2,support,1,system,2,tabs2,1,tango,1,target,1,tech,53,Technology Explained,4,tesla,1,the mummy,1,tools,1,torrent,10,torrent site,1,track,1,trademark,1,TV show,1,twitter,5,ubisoft,2,uk,4,unlock,1,upcoming,1,update,22,us,5,usbkiller,1,users,1,USTR,2,vespa,1,video,4,videoplayer,1,vines,1,visualstudio,1,vlc,1,VR,3,vulnerability,15,vulnrrability,1,warning,1,watchdog2,1,website,2,what.cd,2,whatsapp,1,wifi,3,wikileaks,1,windows,33,windows10,5,wireshark,1,xbox,4,xiaomi,1,xperia,2,yahoo,1,youtube,5,youtubekids,1,
ltr
item
MOUNT TECH: Hacker Compromises Microsoft’s Windows 10 Browser in Just 18 Seconds
Hacker Compromises Microsoft’s Windows 10 Browser in Just 18 Seconds
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgK-GKpz-2ufMCY7vRLfmizfRDJ1uvdksxqTHtBOGQsv4OPAHJcQw0Zt_mVTrbNox74kTy6UwUyN1_JKDgnE7GC0kpD-4Q9TmQDPs66Z9_dLm5rUU5DWVbJD1ATpaukbtUG7pCgyCZUPVCT/s1600/microsoft+edgeg+hacked.jpg
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgK-GKpz-2ufMCY7vRLfmizfRDJ1uvdksxqTHtBOGQsv4OPAHJcQw0Zt_mVTrbNox74kTy6UwUyN1_JKDgnE7GC0kpD-4Q9TmQDPs66Z9_dLm5rUU5DWVbJD1ATpaukbtUG7pCgyCZUPVCT/s72-c/microsoft+edgeg+hacked.jpg
MOUNT TECH
http://mount-tech.blogspot.com/2016/11/hacker-compromises-microsofts-windows-10-browser-in-just-18-second.html
http://mount-tech.blogspot.com/
http://mount-tech.blogspot.com/
http://mount-tech.blogspot.com/2016/11/hacker-compromises-microsofts-windows-10-browser-in-just-18-second.html
true
5023700227490855537
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy