Pwn2Own MacBook attack: Charlie Miller hacks Safari again
![ryan-naraine.jpg](https://www.zdnet.com/a/img/resize/58705b1ab848cb0209d7d7d504dffaab176d93aa/2014/07/22/4b4e2273-1175-11e4-9732-00505685119a/ryan-naraine.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
VANCOUVER, BC -- For the third year in a row, Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability.
At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook.
[ ALSO SEE: Hacker exploits IE8 on Windows 7 to win Pwn2Own ]
In the attack, Miller set up a special Web page with the exploit. Using Safari, a conference organizer surfed to the Web page and watched and Miller took control of the machine.
Details of the vulnerability are being kept under wraps until Apple releases a fix. TippingPoint Zero Day Initiative (ZDI), the contest sponsors, will handle the process of reporting the issue to Apple.
Miller, who uses fuzzers to find security vulnerabilities, is slated to deliver a conference presentation on fuzzing techniques against popular software products.
[ ALSO SEE: Pwn2Own 2010: iPhone hacked, SMS database hijacked ]
More to come...