Safari used to hijack MacBook Pro at Pwn2Own 2011
A flaw in WebKit, the engine that underlies Safari, Mobile Safari, and several other browsers, was found to be vulnerable in this year's "Pwn2Own" competition, as reported by ZDNet and many others. This is noteworthy for several reasons: first, because the exploit did not use Flash. You will remember that last year's Pwn2Own winner stated "the main thing is not to install Flash" for browser security. Secondly, it is important because WebKit is used not only by Safari but several other browsers, notably several mobile browsers, although it is not immediately apparent whether this same bug could be exploited on a mobile platform. It's also possible that the exploit could make Windows and even Linux computers vulnerable if they are running a WebKit-based browser, but details are not fully known.
Computerworld noted that Google's $20,000 reward for anyone who could break into Chrome on opening day went unclaimed, as the contestant who had signed up did not appear at the Pwn2Own contest. It is unknown whether Google paid to have him assassinated (that's a joke folks, lighten up). Computerworld went on to note that according to the current schedule no one is even going to try to attack Chrome this year, meaning that it could survive a record three consecutive Pwn2Own contests. That is particularly surprising to me since Google Chrome includes its own version of Adobe Flash, but if you're looking to use the most secure browser out there, Google Chrome looks to be your browser of choice.
A flaw in WebKit, the engine that underlies Safari, Mobile Safari, and several other browsers, was found to be vulnerable in this year's...
Subscribe to Newsletter
Software Updatesmore updates
- Daily App: MyScript Calculator solves your hand-written math equations
- Findery app lets you discover the world around you using annotated notes and maps
- The Learnist app brings its crowd-sourced collection of information to your iPhone
- My cat Cinnamon reviews Friskies Cat Fishing 2
- Photo Grid Collage Maker is capable and free
- iExit gets new features and is now free