Security researchers at the CanSecWest conference have kicked off the annual Pwn2Own security event.
The 2010 edition of the contest challenged attendees to produce working exploits for several PC-based browsers and mobile handsets. In the first day of competition, three of the four targeted systems had been cracked.
Researcher Charlie Miller claimed a prize for the third year in a row by quickly compromising a MacBook Pro running Safari. Miller has delivered similar exploits for Apple notebooks in each of the previous two Pwn2Own events.
Miller presented his exploit after fellow researchers Vincenzo Iosso and Ralf Phillip Weinmann were able to score the first successful exploit of the day by compromising Safari on the iPhone through the use of a specially-crafted text message.
However, Apple was hardly alone in the hacking spotlight. An MWR InfoSecurity researcher who goes by the name 'Nils' was able to exploit the Firefox browser on Windows 7 through a previously unknown vulnerability.
Microsoft saw its latest browser laid to waste as well when researcher Peter Vreugdenhil compromised a fully-patched version of Internet Explorer 8 running on a Windows 7 notebook.
The only browser to survive the first day was Google's Chrome. None of the day-one contestants attempted to run an exploit on the browser.
Further exploits could be revealed in the next two days as the contest is expanded to browsers running on the Windows Vista and XP platforms.
No comments:
Post a Comment