/>
X
Business

Pwn2Own MacBook attack: Charlie Miller hacks Safari again

For the third year in a row, Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability.
Written by Ryan Naraine, Contributor on

VANCOUVER, BC -- For the third year in a row, Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability.

At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook.

[ ALSO SEE: Hacker exploits IE8 on Windows 7 to win Pwn2Own ]

In the attack, Miller set up a special Web page with the exploit.  Using Safari, a conference organizer surfed to the Web page and watched and Miller took control of the machine.

Details of the vulnerability are being kept under wraps until Apple releases a fix.  TippingPoint Zero Day Initiative (ZDI), the contest sponsors, will handle the process of reporting the issue to Apple.

Miller, who uses fuzzers to find security vulnerabilities, is slated to deliver a conference presentation on fuzzing techniques against popular software products.

[ ALSO SEE: Pwn2Own 2010: iPhone hacked, SMS database hijacked ]

More to come...

Editorial standards

Related

These are my 5 must-have devices for work travel now
ipad-mini-firewalla-purple-macbook-air

These are my 5 must-have devices for work travel now

This 1980s programming language sparked a revolution. Now you can check out the source code
developers-security

This 1980s programming language sparked a revolution. Now you can check out the source code

Adobe sets new guidelines for AI-generated stock images
adobeaiart.png

Adobe sets new guidelines for AI-generated stock images