Fully patched versions of Safari and Internet Explorer 8 were both successfully hacked today at pwn2own, the annual hacking competition held as part of the CanSecWest security conference. If a researcher can pwn the browser—that is, make it run arbitrary code—then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes—restricted environments with reduced access to data and the operating system—that are imposed.
First up, and first to fall, was Safari 5.0.3 on fully-patched Mac OS X 10.6.6. French security firm VUPEN was first to attack the browser, and five seconds after the browser visited its specially-crafted malicious web page, it had both launched the platform calculator application (a standard harmless payload to demonstrate that arbitrary code has been executed) and wrote a file to the hard disk (to demonstrate that the sandbox had been bypassed).
keyboard shortcuts: V vote up article J next comment K previous comment