The three day Pwn2Own contest at the CanSecWest security show is on.
And at the end of the day, 3 major browsers, Firefox, Safari and IE8 were successfully exploited.
Also a non-jailbroken iPhone was also hacked and its SMS database was stolen.
Vincenzo Iozzo and Ralf Philipp Weinmann redirected an iPhone to a web site they’d set up, crashing its browser and then stealing its entire SMS database (including some erased messages). It is possible, however, to set up a similar attack to work without crashing the browser, hackers claim, and set up different attack payloads. Iozzo and Weinmann won a $15,000 prize for successfully demonstrating the attack. Details about the attack will be released once Apple is notified and the security hole is patched.
A successful remote attack against a MacBook Pro running the latest version of Apple’s MacOS X was done by Charlie Miller – exploiting a unknown security vulnerability in the Safari browser to launch a remote shell and winning himself $10,000 plus the laptop for his work.
Peter Vreugdenhil managed to bypass Windows security features including Data Execution Prevention code via Internet Explorer 8 to take over a PC (running the latest patched version of Windows 7) – and again receiving $10,000 plus the hardware.
CNET provides all details of the hacks here.
Related Posts
- Acer Launches Laptop With Intel's Quad-core Chip
- GEVEY Sim Works on iOS 5 Beta 5 with Preserved Baseband
- Microsoft Releases IE8, Improves Security
- Microsoft to let PC users turn off IE
- Google Finally Enables Offline Access for Gmail
Related Websites
- Top Paid Mac Apps for November 2011
- How to Remove SystemVeteran | Removal Guide
- 13 Reasons Why Palm Pixi is Better than the Apple iPhone
- DOW 14,000 - All Time High
- Save Money on Moving
{ 1 comment }
