“It took a couple of seconds. They clicked on the link and I took control of the machine,” Miller said moments after his accomplishment.Microsoft's new Internet Explorer 8 browser and Mozilla's Firefox were also hacked at the security event. A security researched nicknamed "Nils" first did his magic on IE8, afterwards he exploited Apple's Safari and in the afternoon he took over a Firefox system as well.
The contest kicked off at exactly 3:15 PM and, within seconds, Miller launched his drive-by attack and claimed the $10,000 top prize. He also got to keep the MacBook machine.
Miller said he came to the CanSecWest security conference with a plan to hack into Safari and had tested the exploit carefully to ensure “it worked the first time.”
IE8, Firefox and Safari all hacked at Pwn2Own
Posted on Friday, March 20 2009 @ 0:00 CET by Thomas De Maesschalck
ZDNet reports a fully-patched MacBook with Apple's Safari browser was hacked in a couple of seconds at Pwn2Own 2009 by Charlie Miller. Technical details about the vulnerability he exploited will be released when a patch is ready.