No Comments » | 
All | Tagged: linux, mac | 
Permalink
Posted by admin
No Comments » | All | Tagged: mac | Permalink
Posted by admin
The primary goal of the annual Pwn2Own contest is to responsibly unearth new vulnerabilities within computing systems so that the affected vendors can address them, noted TippingPoint, which manages the Zero Day Initiative (ZDI) program team responsible for awarding prizes to this year's winning contestants.
"All winners are asked to sign and agree to the general ZDI nondisclosure agreement, and the bugs will be turned over directly to the affected vendors," said Terri Forslof, TippingPoint's manager of security response.
Rock-Star Performance
The contest's first winner was Charlie Miller, who took down Safari on Mac OS X within two minutes -- winning free computing gear and a $5,000 cash prize in the process. Contestant Julien Tinnes also successfully exploited both Firefox and Safari, but "unfortunately his efforts fell outside the contest criteria and therefore could not be rewarded," Forslof observed.
However, the most impressive performance of the day came from the contestant known simply as Nils -- "You know, like 'Prince' or 'Madonna,'" said Forslof. Nils "ran a sleek exploit against IE8, defying Microsoft's latest built-in protection technologies -- DEP (Data Execution Prevention) as well as ASLR (Address Space Layout Randomization)." He won $5,000 for his efforts.
Even better, Nils' successful IE8 exploit was just the warm-up exercise for what turned into a trifecta. He picked up another $5,000 by quickly taking down Apple's Safari browser, then ended the day with a flourish by cracking Firefox, which boosted his total cash winnings to $15,000.
The Microsoft Security Response Center notified Forslof on Thursday morning that it had...
Tags: mac, microsoft
No Comments » | All | Tagged: mac, microsoft | Permalink
Posted by admin
