Safari / Mac Hacked
#1
Safari / Mac Hacked
Pwn2Own 2009: Safari/MacBook falls in seconds | Zero Day | ZDNet.com
VANCOUVER, BC — Charlie Miller has done it again. For the second consecutive year, the security researcher hacked into a fully patched MacBook computer by exploiting a security vulnerability in Apple’s Safari browser.
“It took a couple of seconds. They clicked on the link and I took control of the machine,” Miller said moments after his accomplishment.
The contest kicked off at exactly 3:15 PM and, within seconds, Miller launched his drive-by attack and claimed the $10,000 top prize. He also got to keep the MacBook machine.
Miller said he came to the CanSecWest security conference with a plan to hack into Safari and had tested the exploit carefully to ensure “it worked the first time.”
TippingPoint’s Zero Day Initiative has acquired the exclusive rights to the vulnerability and coordinate the disclosure and patch release process with Apple.
Technical details of the vulnerability will not be released until a patch is ready.
Several hackers are currently attempting exploits against Internet Explorer 8 and Firefox but those browsers are still standing.
VANCOUVER, BC — Charlie Miller has done it again. For the second consecutive year, the security researcher hacked into a fully patched MacBook computer by exploiting a security vulnerability in Apple’s Safari browser.
“It took a couple of seconds. They clicked on the link and I took control of the machine,” Miller said moments after his accomplishment.
The contest kicked off at exactly 3:15 PM and, within seconds, Miller launched his drive-by attack and claimed the $10,000 top prize. He also got to keep the MacBook machine.
Miller said he came to the CanSecWest security conference with a plan to hack into Safari and had tested the exploit carefully to ensure “it worked the first time.”
TippingPoint’s Zero Day Initiative has acquired the exclusive rights to the vulnerability and coordinate the disclosure and patch release process with Apple.
Technical details of the vulnerability will not be released until a patch is ready.
Several hackers are currently attempting exploits against Internet Explorer 8 and Firefox but those browsers are still standing.
#3
And, it requires a visit to a particular web page, and the user performing some tasks. I would only go with the most computer illiterate getting caught on the bug. Or those that don't pay attention to where they are surfing to.
Thread
Thread Starter
Forum
Replies
Last Post
Bookmarks
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)