Pwn2Own MacBook attack: Charlie Miller hacks Safari again [telecom]

Pwn2Own MacBook attack: Charlie Miller hacks Safari again

Ryan Naraine March 24, 2010

VANCOUVER, BC - For the third year in a row, Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability.

At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook.

In the attack, Miller set up a special Web page with the exploit. Using Safari, a conference organizer surfed to the Web page and watched and Miller took control of the machine.

Details of the vulnerability are being kept under wraps until Apple releases a fix. TippingPoint Zero Day Initiative (ZDI), the contest sponsors, will handle the process of reporting the issue to Apple.

Miller, who uses fuzzers to find security vulnerabilities, is slated to deliver a conference presentation on fuzzing techniques against popular software products.

...

formatting link

Reply to
Monty Solomon
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.