Apple patches Pwn2Own flaw used to hack Safari

According to Apple's advisory accompanying the patch, the actual vulnerability was not in the Safari browser but in the way ATS (Apple Type Services) handles certain fonts.
Written by Ryan Naraine on

Apple today shipped a patch to fix the drive-by download vulnerability used by Charlie Miller to hack a fully patched MacBook via the Safari browser.

Miller's hack was part of this year's CanSecWest Pwn2Own contest, where Apple's flagship browser fell for the third straight year. In the attack, Miller set up a special Web page with the exploit. Using Safari, a conference organizer surfed to the Web page and watched as Miller took control of the machine.

However, according to Apple's advisory accompanying the patch, the actual vulnerability was not in the Safari browser but in the way ATS (Apple Type Services) handles certain fonts.

Here's the description:

CVE-2010-1120: An unchecked index issue exists in Apple Type Services' handling of embedded fonts. Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution. This issue is addressed through improved index.

The issue affects Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.3 and Mac OS X Server v10.6.3.

Apple has still not patched the vulnerability used at Pwn2Own to hack into the iPhone and hijack the SMS database.

Mozilla was the first to ship a patch for a flaw exploited at the contest.  Microsoft's fix for a critical IE 8 flaw used during the challenge is still outstanding.
