- Mac News
Mar 14, 2014 01:45 PM
Chinese team successfully hacks Safari at Pwn2Own
At this week's Pwn2Own hacking contest, a group calling itself the Chinese Keen Team successfully used two vulnerabilities to run arbitrary code through Safari, according to <em>ThreatPost</em>. The exploit is reported to have been executed via a flaw in Safari's WebKit engine and a bypass of the sandboxing in recent versions of OS X. One member of Keen, Liang Chen, comments however that OS X is "regarded as very safe and has a very good security architecture," and that what vulnerabilities there are are "very difficult to exploit."<br /><br />Representatives from Apple were in attendance at Pwn2Own, and are <a href="http://macnn.com/rd/306006==http://threatpost.com/keen-team-of-china-takes-down-safari-and-flash-at-pwn2own/104790" rel='nofollow'>said</a> to have been informed of the exploits Keen used. Apple will likely incorporate fixes in the next updates for Safari and/or OS X. Other apps targeted at Pwn2Own events have included Chrome, Firefox, Flash, Adobe Reader, and Internet Explorer. All major web browsers eventually <a href="http://macnn.com/rd/306007==http://www.pcworld.com/article/2108560/all-major-browsers-fall-during-second-day-at-pwn2own-hacking-contest.html" rel='nofollow'>succumbed</a> during this year's contest.
|All times are GMT -4. The time now is 01:33 PM.
Copyright © 2005-2007 MacNN. All rights reserved.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Content Relevant URLs by vBSEO