CVE-2011-1347: Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own competition at CanSecWest 2011.
As far as I know this string of exploits is NOT publicly available at the moment, but if you want to read more check out the full story on zdnet.
Stephen Fewer: If you look closely you can see his brain radiating heat! |
Anytime you get a bunch of geeks together and are giving away free computers and ca$h, it's a pretty good bet that something is gonna break. Nice work Fewer!
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.