HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
A zero-day vulnerability in Safari allowed two attendees of CanSecWest security conference to walk away with a 17 MacBook and $10,000 prize for exploiting two MacBooks in the Pwn-2-Own contest. Not a bad haul considering it only took the contestants nine hours to come up with a working vulnerability.
Macaulay pwned the Mac by sending it an e-mail that directed a user to a malicious site. Upon visiting the site, the usera CanSecWest organizer perched on the machine to protect it from physical assaultwas infected with malware, without clicking on anything within the site.