Why is it that Apple’s otherwise excellent Safari browser seems to be more prone to vulnerabilities than rival offerings from Microsoft, Google and Mozilla? Ever since security whiz Charlie Miller in 2008 broke into the MacBook Air in two minutes through Safari, the browser has been the subject of intense criticism for its various security weaknesses. Well, Safari just got pwned again at yesterday’s HP TippingPoint-sponsored hacking challenge at the CanSecWest security conference in Vancouver, British Columbia.
This time, the bragging rights belong to the French security firm Vupen which won a cool $15,000 and a MacBook Air for beating its perks in pwning Apple’s browser. It took the team just a few seconds to exploit an unpatched Safari vulnerability. “We pwned Apple Safari on Mac OS X (x64) at pwn2own in 5 seconds,” they tweeted.
expand full story