Safari, IE 8 and Firefox exploited in first day of hacking contest

By on March 19, 2009, 5:05 PM
Security researcher Charlie Miller, who last year managed to gain control of a MacBook through a Safari browser exploit in under two minutes, improved his mark today at the Pwn2Own event, repeating the feat in less than 10 seconds. In fact, he did so with all system and browser security updates applied. The contest is sponsored by security firm TippingPoint, which awards a prize to hackers for each vulnerability found, and shares the details with the respective software vendors in order to find solutions.

The second machine to fall was a Sony Vaio P laptop running Windows 7, which was exploited through a vulnerability in the recently released Internet Explorer 8. This was accomplished by a 25 year old computer science student at the University of Oldenburg in Germany calling himself Nils, who also demonstrated a separate exploit for Safari and Firefox.

At the end of the first day of the Pwn2Own contest, Google Chrome was the last browser standing but there is still plenty of time and prizes for more browser exploits. They will also target a selection of smartphones, including RIM's BlackBerry, Apple's iPhone, T-mobile's G1 running Android, HTC's Touch running Windows Mobile, and Nokia's N95 running Symbian.

User Comments: 7

Got something to say? Post a comment
femakahuna said:
Do software and or hardware firewalls prevent these attacks?
tengeta said:
Wait... Windows 7 outlasted a patched OSX?OUCH.
captain828 said:
How is this possible?!?FAKE!! FAKE I tell you!!Apple cannot be hacked!!//sarcasm
x darthmonkey x said:
I'm not surprised at all that OSX was the first one hacked...What caught me off guard is the fact that Chrome still stands at this point.
windmill007 said:
I think it comes down to the more you allow the browser to do (cool stuff) the easier it is to be hacked. Chrome is very limited at this point hence its super security.LOL
j4m32 said:
*AHEM*Opera :)*AHEM*
anguis said:
It's no surprise considering Chrome holds a very low % of the market share in web browsers, as well as being a very simple browser with little features. It's also no surprise that someone who already has done so, used a prepared exploit to crack Safari in next to no time at all. He already had the tool made, so it really isn't impressive at all. It doesn't mean that Windows 7 is more secure, not in the least.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.