When you see a huge bonus in the Pwn2Own 2013 hacking contest, you should be able to think that those browsers and so on won't last long, there will certainly be a large number of hackers who will be attacked on the first day of the competition. Sure enough. Currently, Firefox, IE10, Java, and Chrome are all under attack.
French security company VUPEN announced that they have used the vulnerability to successfully hack IE10 on Windows 8, Firefox 19 on Windows 7, and Java. "We used two IE10 0-day vulnerabilities on Surface Pro to bypass sandbox protection and break Windows 8 ."
VUPEN said that all 0day vulnerabilities and technologies they used during the Pwn2Own competition have been reported to affected software vendors, including Microsoft, Mozilla, and Oracle, to help them release patches to protect users from similar attacks.
In addition, experts at the MWR lab completely bypassed the sandbox protection of the latest stable version of Chrome and successfully won Chrome. "By accessing a malicious Web page, one of its vulnerabilities allows us to obtain code execution right in the sandbox rendering process ."
Josh Drake from the Accuvant lab and James Forshaw from Contextis both master Java.