# Browser exploits at pwn2own



## tanked (Mar 23, 2015)

http://arstechnica.com/security/201...ke-a-stomping-at-pwn2own-hacking-competition/

The part I find most interesting, particularly in relation to FreeBSD's Capsicum, is how Jung Hoon Lee, aka lokihardt got passed the application sandboxing via a kernel driver vulnerability.


----------



## junovitch@ (Mar 23, 2015)

I'm a bit confused, the article says they targeted Windows kernel vulnerabilities and Windows doesn't support Capsicum.  What's the relation to FreeBSD's Capsicum?


----------



## tanked (Mar 23, 2015)

I was speaking in general terms about the possibility of sandboxed applications not quite being secure as one would think due to kernel flaws, I wasn't suggesting this particular Windows kernel driver exploit will work on FreeBSD


----------



## ronaldlees (Mar 26, 2015)

The super hackers exploit certificates first.  After that moat is drained, the browser is easy peasy.


----------

