Pwn2Own Safari Attack: Charlie Miller Hijacks MacBook

VANCOUVER, BC — For the third year in a row, Charlie Miller has
hacked into a MacBook by exploiting a critical Safari browser
vulnerability. At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook. 

VANCOUVER, BC — For the third year in a row, Charlie Miller has
hacked into a MacBook by exploiting a critical Safari browser
vulnerability. At the CanSecWest Pwn2Own hacker contest here, Miller performed a clean drive-by download against Safari to get a full command shell on the MacBook. 

In the attack, Miller set up a special Web page with the exploit. 
Using Safari, a conference organizer surfed to the Web page and watched
and Miller took control of the machine.

Details of the vulnerability are being kept under wraps until Apple
releases a fix.  TippingPoint Zero Day Initiative (ZDI), the contest
sponsors, will handle the process of reporting the issue to Apple.

Miller, who uses fuzzers to find security vulnerabilities, is slated
to deliver a conference presentation on fuzzing techniques against
popular software products.

Suggested articles