Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Chinese team successfully hacks Safari at Pwn2Own

Chinese team successfully hacks Safari at Pwn2Own
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Mar 14, 2014, 01:45 PM
 
At this week's Pwn2Own hacking contest, a group calling itself the Chinese Keen Team successfully used two vulnerabilities to run arbitrary code through Safari, according to ThreatPost. The exploit is reported to have been executed via a flaw in Safari's WebKit engine and a bypass of the sandboxing in recent versions of OS X. One member of Keen, Liang Chen, comments however that OS X is "regarded as very safe and has a very good security architecture," and that what vulnerabilities there are are "very difficult to exploit."

Representatives from Apple were in attendance at Pwn2Own, and are said to have been informed of the exploits Keen used. Apple will likely incorporate fixes in the next updates for Safari and/or OS X. Other apps targeted at Pwn2Own events have included Chrome, Firefox, Flash, Adobe Reader, and Internet Explorer. All major web browsers eventually succumbed during this year's contest.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 09:57 PM.
All contents of these forums © 1995-2015 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2015, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2