Google first to patch Pwn2Own WebKit vulnerability

Less that 24 hours after a team of researchers exploited a WebKit security hole to hack into RIM's BlackBerry smart phone, Google has issued a Chrome browser update to address the vulnerability.

VANCOUVER -- Less that 24 hours after a team of researchers exploited a WebKit security hole to hack into RIM's BlackBerry smart phone, Google has issued a Chrome browser update to address the vulnerability.

This makes Google the first vendor to ship a patch in response to the CanSecWest Pwn2Own contest where Willem Pinckaers, Vincenzo Iozzo and Ralf Philipp Weinmann took down the BlackBerry with the WebKit flaw.

follow Ryan Naraine on twitter

[ SEE: BlackBerry falls to WebKit browser hack ]

Google also paid out a $1337 cash prize to the three researchers as part of the vulnerability rewards program.

Details of the vulnerability is being kept under wraps.  Google describes it as a "high risk" memory corruption issue in style handling.

The vulnerable WebKit browser rendering engine also powers Apple's Safari browser and the new browser in RIM's BlackBerry devices.   There is no word yet from Apple or BlackBerry on the timeline for a fix.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All