June 11, 2010

Hackers Exploit Windows 7 in 2 Minutes

It didn’t take more than 2 minutes for the first hacker at Pwn2Own hacking contest to sidestep the security measures of Windows 7, MCTS Training, MCTS Certification.

Both Peter Vreugdenhil of the Netherlands and a German who called himself Nils succeeded in exploiting a fully updated 64-bit version of Windows 7 by disabling DEP and ASLR, two of the most important security measures in the operating system, during the annual hacking contest in Vancouver, British Columbia

Vreugdenhil, a freelance vulnerability researcher, who used Internet Explorer 8, didn’t need more than a couple of minutes to gain control over the computer. Approximately half hour later, Nils, a computer science student who last year nabbed Pwn2Own’s $15,000 cash prize by exploiting Firefox, Safari and IE8, circumvent the same defensive mechanisms to exploit Mozilla’s Firefox 3.6.

Both hackers were awarded with the notebook they attacked, $10,000 in cash and a paid trip to the DefCon hackers conference in Las Vegas this summer.

TippingPoint, one of the sponsors of the contest, bought the rights to the attack codes and vulnerabilities used by Vreugdenhil and Nils. The information will be handed over to Microsoft and Mozilla.

Hackers Exploit Windows 7 in 2 Minutes

It didn’t take more than 2 minutes for the first hacker at Pwn2Own hacking contest to sidestep the security measures of Windows 7, MCTS Training, MCTS Certification.

Both Peter Vreugdenhil of the Netherlands and a German who called himself Nils succeeded in exploiting a fully updated 64-bit version of Windows 7 by disabling DEP and ASLR, two of the most important security measures in the operating system, during the annual hacking contest in Vancouver, British Columbia

Vreugdenhil, a freelance vulnerability researcher, who used Internet Explorer 8, didn’t need more than a couple of minutes to gain control over the computer. Approximately half hour later, Nils, a computer science student who last year nabbed Pwn2Own’s $15,000 cash prize by exploiting Firefox, Safari and IE8, circumvent the same defensive mechanisms to exploit Mozilla’s Firefox 3.6.

Both hackers were awarded with the notebook they attacked, $10,000 in cash and a paid trip to the DefCon hackers conference in Las Vegas this summer.

TippingPoint, one of the sponsors of the contest, bought the rights to the attack codes and vulnerabilities used by Vreugdenhil and Nils. The information will be handed over to Microsoft and Mozilla.
Bookmark and Share