The Pwn2Own results, (in order from most secure to least secure) for the most secure browser were:
Chrome: Nobody chose to attack this browser, possibly due to the sandbox, which separates programs from each other, security-wise, and from the host operating system. Attacks, however, have been published for the Chrome browser in the past, so it shouldn't be considered totally secure.
Internet Explorer 8: The operating system sandbox was not breached, though data stored in the browser could possibly be read. The exploit used to bypass Internet Explorer's security was fixed by a Microsoft patch release the day following the competition, so, for now, IE8 is reasonably secure.
Firefox: The browser crashed when performing garbage cleanup, allowing arbitrary code to be executed. Arbitrary code execution allows attackers to run any programs or commands of their choice on the machine. Such a scenario would leave Firefox quite vulnerable.
Safari: When attacked, the browser allowed arbitrary command execution, and the attacker managed to obtain a full command shell on a Mac book; he was then able to run any command of his choice on the machine. This is the very definition of a successful attack.
Opera: Was not part of the competition.
As such, it seems that Chrome and IE8 would be the most secure browsers to use in the enterprise. However, as new exploits are popping up every day, it's essential to stay on top of browser patching and updates, no matter which browser you use.
Related Q&A from Richard Brain
Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ,... Continue Reading
Google cloud applications aren't necessarily known for their security. In this expert response, learn what to watch out for when considering using ... Continue Reading
In this expert response, find out why Adobe has been an enticing target for PDF attacks recently. Continue Reading