[ISN] Apple patches Pwn2Own bug

From: InfoSec News <alerts_at_private>
Date: Thu, 15 Apr 2010 00:23:37 -0500 (CDT)
http://www.computerworld.com/s/article/9175503/Apple_patches_Pwn2Own_bug?taxonomyId=17

By Gregg Keizer
Computerworld
April 14, 2010

Apple today patched a critical Mac OS X vulnerability used by a security 
researcher three weeks ago to win $10,000 for hacking Safari at the 
Pwn2Own contest.

The patch is the second resulting from the fourth annual Pwn2Own, which 
was held at the CanSecWest security conference in Vancouver, British 
Columbia March 24-26.

On the first day of the contest, Charlie Miller, an analyst at 
Baltimore-based Independent Security Evaluators, hacked Safari running 
on Mac OS X 10.6, aka Snow Leopard. Miller is the only researcher to 
ever win three times at Pwn2Own.

Today, Miller confirmed that the vulnerability Apple patched was the one 
he used last month to earn a $10,000 prize. "That must be it," he said. 
"I haven't given them any other bugs."

[...]


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Wed Apr 14 2010 - 22:23:37 PDT

This archive was generated by hypermail 2.2.0 : Wed Apr 14 2010 - 22:34:34 PDT