In my experience it used to be much easier to find vulns in Edge. Both were relatively easy to exploit for RCE. Mitigations and constant code improvements seem to have made finding vulns in Edge much harder now. The mitigations make exploiting them for RCE also harder.
Replying to @berendjanwever @tiraniddo and
If you have a vuln now, exploiting for RCE in Chrome is relatively easy compared to Edge IMHO. I've not looked at sandbox escapes myself, so I can't comment on how easy it is to turn RCE into complete compromise.
1 reply 4 retweets 5 likes -
Replying to @berendjanwever @tiraniddo and
IMHO, exploiting for RCE in Edge is also easy enough even when RFG/CET is employed in the future, so comparing which one is easier is meaningless.
2 replies 0 retweets 1 like -
Replying to @_f0rgetting_ @tiraniddo and
I'm not saying it can't be done by the best exploit writers, but would you agree that the average exploit writer is going to have a harder time on Edge compared to Chrome?
1 reply 0 retweets 3 likes -
Replying to @berendjanwever @tiraniddo and
No offence, but there are so many known issues, maybe not only the best writers know them, but also the average writers know some of them too?
3 replies 3 retweets 4 likes -
Replying to @_f0rgetting_ @berendjanwever and
It's certainly worth noting the list of "out-of-scope" issues for the Mitigation Bypass bounty :-D pic.twitter.com/1Aqq0ag6Xs
2 replies 0 retweets 13 likes -
Replying to @tiraniddo @_f0rgetting_ and
Does Chrome even pay for bypasses in your LLVM CPI stuff?
2 replies 0 retweets 3 likes -
Replying to @dwizzzleMSFT @_f0rgetting_ and
Do you pay for anything in CFG based on that list? :-)
1 reply 0 retweets 4 likes -
Replying to @dwizzzleMSFT @_f0rgetting_ and
Why deploy a technology which you've clearly stated is broken? Might as well spend more of your time on other stuff which matters.
1 reply 0 retweets 5 likes
Have you even tried asking hackers nicely not to use non-CFG images, James? I thought you cared about users???
Replying to @taviso @dwizzzleMSFT and
We do, we ship the entirety of Chrome with non-CFG images, and the users love us for it.
1 reply 1 retweet 7 likes -