Safari used to hijack MacBook Pro at Pwn2Own 2011
A flaw in WebKit, the engine that underlies Safari, Mobile Safari, and several other browsers, was found to be vulnerable in this year's "Pwn2Own" competition, as reported by ZDNet and many others. This is noteworthy for several reasons: first, because the exploit did not use Flash. You will remember that last year's Pwn2Own winner stated "the main thing is not to install Flash" for browser security. Secondly, it is important because WebKit is used not only by Safari but several other browsers, notably several mobile browsers, although it is not immediately apparent whether this same bug could be exploited on a mobile platform. It's also possible that the exploit could make Windows and even Linux computers vulnerable if they are running a WebKit-based browser, but details are not fully known.
Computerworld noted that Google's $20,000 reward for anyone who could break into Chrome on opening day went unclaimed, as the contestant who had signed up did not appear at the Pwn2Own contest. It is unknown whether Google paid to have him assassinated (that's a joke folks, lighten up). Computerworld went on to note that according to the current schedule no one is even going to try to attack Chrome this year, meaning that it could survive a record three consecutive Pwn2Own contests. That is particularly surprising to me since Google Chrome includes its own version of Adobe Flash, but if you're looking to use the most secure browser out there, Google Chrome looks to be your browser of choice.
A flaw in WebKit, the engine that underlies Safari, Mobile Safari, and several other browsers, was found to be vulnerable in this year's...
Deals of the Daymore deals
Software Updatesmore updates
- Microsoft Office for Mac 2011 Update 14.3.4
- Pixelmator 2.2 available with over 100 new features and improvements
- DabKick for iPhone lets you share photos, watch videos and now listen to music in real-time
- Google Now added to search app on iPhone, iPad
- GateGuru for iPhone has been updated and greatly improved
- Twitter updates its OS X client