HomeWinBuzzer NewsGoogle Project Zero: Web Fuzzer Discovered Three times More Safari Bugs than...

Google Project Zero: Web Fuzzer Discovered Three times More Safari Bugs than Edge

Google's Project Zero fuzzer found a total of seventeen bugs in Safari's Document Object Model, compared to six in Edge and two in Chrome. The company has since taken steps to remedy the issue.


has been hit hard by 's Project Zero this year. If it wasn't kernel memory vulnerabilities, it was Edge, but new statistics show had an even harder time.

So far this year, Project Zero's web fuzzer has found 31 bugs in browsers, and 17 of them were in . Edge, on the other hand, came in at 6, Internet Explorer 4, and Chrome just 2.

The tool used by Google's Ivan Fratric is called Domato, and searches for bugs in the Document Object Model of browser's rendering engine. Attackers occasionally target exploits in DOM engines, a notable example being Tor.

Last year, attackers exploited the Firefox-based Tor engine to identify visitors to a child pornography website on the darknet. Despite the positive outcome, experts also believe the vulnerability could have been utilized by criminals.

Preventing Future Attacks

Google tries to discover such vulnerabilities by throwing millions of lines of random code in an attempt to cause crashes. So far, it's been successful, but Fratric has now open-sourced Domato in the hopes of further improvement.

Before then, he offered Apple private access to the tool due to their abnormally high results. The company has since hired a Project Zero member, who accepted the offer.

“To attempt to address this discrepancy, I reached out to Apple Security proposing to share the tools and methodology,” explained Fratric in a blog post. “When one of the Project Zero members decided to transfer to Apple, he contacted me and asked if the offer was still valid. So Apple received a copy of the fuzzer and will hopefully use it to improve WebKit.”

Microsoft also received praise from the Google researcher. “Given that IE used to be plagued with use-after-free issues, MemGC is an example of a useful mitigation that results in a clear positive real-world impact. Kudos to Microsoft's team behind it,” he said.

You can see the full results on the Project Zero blog.

Ryan Maskell
Ryan Maskellhttps://ryanmaskell.co.uk
Ryan has had a passion for gaming and technology since early childhood. Fusing the skills from his Creative Writing and Publishing degree with profound technical knowledge, he enjoys covering news about Microsoft. As an avid writer, he is also working on his debut novel.

Recent News