November 11, 2016
Microsoft Edge, which the Redmond-based software giant praised on several occasions for its high level of security, was hacked twice at PwnFest, with one of the attacks being successfully completed in no less than 18 seconds.
Security experts from Chinese firm Qihoo 360 managed to steal the show after they managed to break into Microsoft Edge and WMware Workstation without user interaction, The Register is reporting.
In the case of Microsoft, there were two successful exploits, both of which were based on SYSTEM-level code execution in the browser. One of the vulnerabilities was exploited by a security researcher team at Qihoo 360, while the other one was discovered by South Korean hacker Lokihardt, who managed to break into the browser in just 18 seconds.
Their efforts were rewarded with $140,000, but details of the exploits were submitted to Microsoft in order to patch them and prevent other successful attempts in the future.
According to the same report, a Qihoo team also managed to hack VMware Workstation 12.5.1 and received an award of $150,000 for discovering the exploits.