With the Pwn2Own hacking contest taking place next week, Mozilla has identified 10 vulnerabilities in its Firefox browser and have issued a security update to its users, with eight of the ten listed as ‘critical’.
According to V3, the fixes come after Mozilla established that these vulnerabilities could potentially open up the browser and use it to attack other workstations by taking remote control of the targeted system and executing code to disable it.
Such vulnerabilities will be scoped out by contestants taking part in the Pwn2Own hacking contest which is part of the CanSecWest Security Conference that runs from the 9th to the 11th of March.
The Pwn2Own hacking contest, starting in 2007, is an annual event which security ‘researchers’ use browsers and systems such as Mozilla’s to find harmful exploits. Each successful exploit or hack will result in the winner or exploit finder receiving the device or computer that was exploited as well as a cash prize. Vulnerabilities are not made public until the vendor has resolved the issue found by the researcher. More information can be found via the Wikipedia page.
Rules for this years contest are now up on the official CanSecWest website which list a certain amount of strict guidelines that should be followed, as well as some potential targets that contestants could find vulnerabilities in. More details can be found on the CanSecWest website.
Also See: Mozilla Firefox mobile OS at MWC 2014