Apple issues updates for Safari vulnerability spotted at Pwn2Own, along with several others

By on
google, apple, chrome, safari, pwn2own, security, vulnerability, vupen, webkit, keen team

During last month's Pwn2Own competition, hackers were successfully able to tap into vulnerabilities in Apple's Safari browsers, among other web surfing and well known applications. This week, Apple has issued a security update for both Safari 6 and 7 in response to security holes exploited during the contest.

In total, Apple patched about 27 major flaws in both the Mountain Lion and Mavericks version of Safari with the updates. The flaws were found to be a part of the open-source engine Safari runs on known as WebKit, which according to reports means it's likely something that effects other browsers using the tech as well.

More than half of the patched security vulnerabilities were those reported by the Google Chrome security team, who are very familiar with WebKit. Of the 27 patched holes, one was exploited by Shanghai-based security researchers called Keen Team on the second day of the Pwn2Own competition. The team took home $65,000 in prize money for cracking Apple's web surfer.

According to reports, another one of the patched flaws is credited to French hacker group Vupen, who had quite a successful trip to Pwn2Own themselves. Vupen took home more than half of the total $800,000 in prize money available at the contest, successfully hacking Chrome, Internet Explorer and Adobe Flash to name a few. The bug used by Vupen to hack Chrome during the competition is reportedly the same WebKit vulnerability patched for Safari.

The updates issued by Apple will patch Safari versions for as far back as OS X 10.7, as we previously reported Apple has stopped issuing security updates for Snow Leopard (OS X 10.6) entirely.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.