Safari down First, IE 8 follows at PWN2OWN

Safari falls first, IE 8 follows at PWN2OWN

Orin Thomas

March 10, 2011

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Even in spite of a big recently released update Safari running on the latest version of Mac OSX was the first to fall at the PWN2OWN contest at the Canwest security conference with a demonstration that visiting a web page would allow remote code execution and modification of files on the desktop. According to Ars Technica's article the attack against Safari took a team 2 weeks to put together. Next to fall was IE 8 running on Windows 7 SP1. The researcher who put together this exploit took approximately six weeks to create the attack, which leveraged a chain of three vulnerabilities to allow remote code execution. According to the ARS article, no attacks so far have been performed against Chrome as the contestant who had registered to attend withdrew, suspicion placed on the vulnerability that they were going to use being squelched by a raft of updates released by Google in the last few days.

Tomorrow in the competition FireFox will be attacked as well as common mobile operating systems. The mobile exploits are important as more and more users transition their digital lives and social networks, known cesspits of malware, across to mobile platforms.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like