At the hacking competition Pwn2Own, serious security vulnerabilities were discovered in all major browsers, including Google Chrome, Apple Safari, Mozilla Firefox and Microsoft Internet Explorer. This year the star of the show was South Korean security researcher JungHoon Lee, who goes by the nickname lokihardt. During the event he earned a total of $225,000 in bug bounties, owing to the number and severity of the security-related bugs he discovered.
It took JungHoon Lee only two minutes to demonstrate the vulnerabilities in Google Chrome. He exploited both the current stable version of Chrome and the Beta using a buffer overflow race condition. The very same vulnerability also allowed him to gain system access through two different Microsoft Windows kernel drivers.
As if that’s not enough already, Lee also managed to gain read/write permissions through a time-of-check to time-of-use (TOCTTOU) vulnerability in the 64-bit version of Internet Explorer 11 (IE11), and he exploited Safari using a use-after-free (UAF) vulnerability in an uninitialized stack pointer.
Bugs and vulnerabilities of varying severity were discovered in the following well-known software products:
- Microsoft Windows OS: 5 bugs
- Microsoft Internet Explorer 11: 4 bugs
- Mozilla Firefox: 3 bugs (vulnerability already fixed)
- Adobe Reader: 3 bugs
- Adobe Flash: 3 bugs
- Apple Safari: 2 bugs
- Google Chrome: 1 bug
While Lee earned the most in bug bounties and was the only one who discovered a vulnerability in Google Chrome, the other security researchers at Pwn2Own all did an impressive job. This proves just how insecure even the most widespread software products are, despite being backed by the world’s best programmers and huge funding. It is scary to imagine how vulnerable less widespread software is likely to be if it exceeds a few lines of code.