Slashdot Mirror


Safari/MacBook First To Fall At Pwn2Own 2011

recoiledsnake writes "A team of security researchers from the French pen-testing firm VUPEN successfully exploited a zero-day flaw in Apple's Safari browser to win this year's Pwn2Own hacker challenge. The hijacked machine was running a fully patched version of Mac OS X (64-bit). Bekrar's winning exploit did not even crash the browser after exploitation. Within five seconds of surfing to the rigged site, he successfully launched the calculator app and wrote a file on the disk without crashing the browser. Apple has just released Safari 5.0.4 and iOS 4.3 a few minutes before the Pwn2Own contest in an attempt to save face (a last minute patch for Chrome was also released) but failed."

3 of 492 comments (clear)

  1. Never been an issue before by Anonymous Coward · · Score: 5, Funny

    No one knows. Up until now the French have never had reason to use the word. You can't pwn someone and surrender at the same time.

  2. Re:Simple by daid303 · · Score: 4, Funny

    The researcher who was going to go after Chrome never showed up...

    So... google has the best assassins?

  3. Re:Simple by filthpickle · · Score: 4, Funny

    he used google maps to find the place.....and oh, he found it....