As expected the CanSecWest Vancouver 2009 Pwn2Own contest has triggered some nice and useful info about browsers’ security. In case you did not read all the bellow links till now, you may like to do that, as very useful information can be found within them.
The CanSecWest Pwn2Own contest day 1 on Tipping Point DVLabs blog. ZDNet interviews with the winners:
The CanSecWest Pwn2Own contest day 2 on Tipping Point DVLabs blog.
Pwn2Own Wrap Up on Tipping Point DVLabs blog.
- Nils: http://blogs.zdnet.com/security/?p=2951
- Charlie Miller: http://blogs.zdnet.com/security/?p=2941
A brief talk about the IE8 exploit technique on Tipping Point DVLabs blog to “shake” a little bit the speculations or rumors.
Mozilla Security Blog’s entry about the pwn2own bug that Nils discovered at CanSecWest 2009.
- Microsoft Research & Defense blog talks about IE8 blocking Dowd/Sotirov ASLR+DEP .NET bypass.
- Mark Down saying that his and Alex Sotirov’s ASLR+DEP .NET bypass technique was fixed in IE8.