
SANS ISC InfoSec Handlers Diary Blog



CanSecWest Pwn2Own: Would IE8 have been exploitable had the event waited one more day?

Published: 2009-03-24
Last Updated: 2009-03-24 01:19:30 UTC
by G. N. White (Version: 1)
1 comment(s)

 

"Safe" Internet web browsing is a concept that tends to get overlooked when we assess our own personal (or corporate) Internet security posture. The "Pwn2Own" event recently held at CanSecWest certainly raises suspicions about how well our web browser of choice actually protects us from becoming the next negative Internet web browsing statistic, but due to the nature and rules of the event, none of the details of the winning methods and procedures are released immediately.

Ironically, in terms of the IE8 browser exploit, a bit of detail was noted for the winning method and procedure on the sponsor's DVLabs blog - "...a sleek exploit against IE8, defying Microsoft’s latest built in protection technologies- DEP (Data Execution Prevention) as well as ASLR (Address Space Layout Randomization)".

The latest blog entry (March 23rd) on the Microsoft Security Research & Defense website goes out of its way to highlight a specific statement: "The final release of Internet Explorer 8 on Windows Vista blocks the .NET DEP+ASLR bypass mechanism from malicious websites on the Internet".

So this begs the question:  Had the organizers of the Pwn2Own event waited another day for the "Official" release of IE8 to become available, would IE8 really have been exploitable?

G.N. White

ISC Handler (Because timing really matters!)

 
