This is discouraging. Apparently *researchers participating in the latest Pwn2Own contest successfully exploited each of the top four most popular browsers. This is from Your Favorite Browser Just Got Hacked, But Don’t Panic. Here's an excerpt:
This past week marked the 8th annual Pwn2Own, where security researchers come from near and far to flex their talents. The goal? Demonstrate exploits on the latest builds of popular browsers, get a pile of cash in return.
The good news: because of the nature of the competition, none of the specifics of these exploits are made public until the companies behind the browsers get a chance to patch things up. So while the bugs being exploited here might be lurking in your browser, you’re probably not in danger of actually getting nailed by them before they’re cleaned up.
Mozilla, for example, tells me they’ll have Firefox patched by the end of today. None of the other browser makers had responded to our requests for comment at the time this was published.
Sure enough, Mozilla offered up two patches to users because of that. As of the time of this writing, the latest version of Firefox is 36.0.4.
*We would probably call them "hackers" in another setting.
Comments