Pwn2Own 2012: IE 9 hacked with two 0day vulnerabilities
Microsoft’s Internet Explorer 9 browser has fallen.
A team of French researchers exploited two different IE zero-day flaws to break into a fully patched Windows 7 SP1 machine and take an almost unassailable lead in this year’s CanSecWest Pwn2Own competition.
The hacking team, from French security research outfit VUPEN, used an unpatched heap overflow bug to bypass DEP and ASLR and a separate memory corruption flaw to break out of the browser’s Protected Mode sandbox. The code execution attack, which required no user action beyond browsing to a rigged web site, also works on Internet Explorer v10 (consumer preview) running on Windows 8.