Security 10806 Published by

Two researchers from HP demonstrated a previously unknown zero-day exploit in Internet Explorer 11 running on Windows 8.1 during a session of the Mobile Pwn2Own hacking contest



From Neowin:
Microsoft has to deal with yet another zero-day exploit found in a version of Internet Explorer. Fortunately, this flaw was found not by hackers but by security researchers and demoed as part of a non-competition portion of the Mobile Pwn2Own hacking contest.

PCWorld reports that researchers Abdul Aziz Hariri and Matt Molinyawe from HP’s Zero-Day Initiative team were able to hack into a Surface Pro tablet via a bug in IE11 running on Windows 8.1. The exploit allowed them to gain remote code execution which, Hariri said, "gave us full control over the whole machine".
  HP researchers find zero-day exploit in IE11 on Windows 8.1