Safari 3.1 For Windows Vulnerable To Hacks

Using a zero-day vulnerability in Adobe's ubiquitous Flash Player, hacker Shane Macaulay hacked into a Windows Vista laptop to win a $5,000 cash prize at this year's CanSecWest Pwn2Own challenge.

Macaulay, who uses the “K2” hacker moniker, also won the Fujitsu U810 laptop running Windows Vista Ultimate SP1 that he hijacked with the exploit.

According to sources at the conference, the Adobe Flash vulnerability is “cross-platform.”

Details of the vulnerability and the attack vector are now the property of TippingPoint’s ZDI (Zero Day Initiative), the sponsor of the CanSecWest Pwn2Own challenge. Officials from ZDI have confirmed the unpatched nature of the flaw and are coordinating the disclosure process with Adobe.

Earlier in the week, security researcher Charlie Miller hijacked Apple’s MacBook Air with a drive-by exploit against the Safari browser. That exploit carried a $10,000 cash prize, plus the hacked laptop.

A Sony VAIO VGN-TZ37CN machine running Ubuntu 7.10 “Gutsy Gibbon” was the only laptop left standing after the three-day challenge.

http://securitywatch.eweek.com/exploits_and_attacks/vista_hacked_with_adobe_flash_vulnerability.html

I think you missed my point, which was that I'm still waiting to get caught as you promised.
My promise was "[b]Sooner or Later[/b]" I never set a time frame on "[b]Later[/b]" :) :)

Hi bob3160,

Returning to the vulnerabilities at hand: http://secunia.com/advisories/29483/
Also a link there to check for unauthorized installations of Safari…

polonus

I downloaded Safari 3.1 to try it out. I must say that my Flock browser on my machine is still faster, offers more and is smaller in footprint. ;D

You probably wouldn’t see these vulnerabilities in Safari 3.1 on a Mac. It’s probably the same thing as running IE7 on Windows XP versus Vista. IE7 is much safer on Vista than it is on XP (this is supposed to change in XP SP3).

You probably wouldn't see these vulnerabilities in Safari 3.1 on a mac
Probably not but it's an underhanded way for Apple to again make Microsoft look bad. :o

Or if the flaw does not exist on the Mac side, maybe it's Windows that is the problem ::slight_smile:

Yep, but if you read this: http://blogs.zdnet.com/security/?p=993&tag=nl.e539

It seems that the Flash vulnerability could have taken down any of the three.

"The flaw is in something else, but the inherent nature of Java allowed us to get around the protections that Microsoft had in place,” he (Macaulay) said in an interview shortly after he claimed his prize Friday. “This could affect Linux or Mac OS X.”

Macaulay said he chose to work on Vista because he had done contract work for Microsoft in the past and was more familiar with its products.

Aha, so there is your story right there: this flaw could’ve worked on any of the systems; however, the contest rules state that the same exploit can only be used to compromise one machine (see rule #2 from the cansecwest.com web page, which states “You can’t use the same vulnerability to claim more than one box, if it is a cross-platform issue.”), and Macaulay used Vista because it was what he was more familiar with.

Update: Sorry for posting this, I missed Frank's post on the same thing.

The same thing can be said for the hacked Mac… they used Safari, and if it can be hacked on Apple, there is no reason not to be able to hack it on any Windows machine; it is even more vulnerable on Windows than on OS X. It is a software issue, not a hardware issue at all.

it is even more vulnerable on Windows than on OS X
It is equally vulnerable on any system that's using Safari 3.1. The vulnerability exists in the browser.

You don’t even need Safari to compromise the Windows OS; it is vulnerable and easy to compromise by its nature. Of course it is widely used, so hackers are attacking it like crazy, but that’s no excuse. No one can assure me that there are no hackers out there who would at least try to hack OS X just to prove something, but yet… we don’t have any serious system attacks registered, and even fewer successful ones.

I wish that someday Windows and Mac users will love each other :-* :-*

But Tech, that’s already happening. I have both, so I am a Mac and PC user at the same time. I don’t have anything against either side of me, but when one of my sides works on a PC, all I get most of the time is a headache. I didn’t like that, so I went out and bought one of these beauties. The Mac really allows me to focus on my creativity, rather than spending so much time checking up on the latest versions of security software, and installing a bunch of it, of course.

You love Linux, so I am 100% sure you would be unbelievably happy using OS X.

I’ll use it when I have the budget to give it to myself as a gift :wink:
Well… I’m learning Linux, but it’s not as intuitive as Windows (at least for me); I was born in a Windows environment.

Well, when talking about budget… I didn’t have any when I first came here. Didn’t have any friends, don’t have any relatives… but I worked like a moron, all kinds of jobs, regardless of whether it was day or night, a sunny day or a rainy day. After a few years, I can say I can afford it now.

Windows = intuitive, Linux = perfect but not easy to use… OS X is your answer: everything that Linux has and more, and even easier to use than Windows.

Sasha,
The title of this thread is “Safari 3.1 For Windows Vulnerable To Hacks”;
this is all I pointed out.
All operating systems can, have been and will again be compromised.
As long as there are hackers, there will be compromises.
By nature, the most popular system will always be the most compromised.

Say hi to 2 of my favorite girls. :slight_smile:

Yes, that’s correct… but still, some will be compromised more and some less.

They are sending His back to you too, guys! :slight_smile:

[b]Apple okay with Safari 'carpet bombing' vuln for now[/b]

Next time you get nagged to install Apple’s Safari browser keep this in mind: The company’s security team has dismissed research that shows a simple way for miscreants to use the browser to litter an end user’s machine with malicious files.

According to researcher Nitesh Dhanjani, Safari doesn’t bother to ask for user permission before downloading resources from websites. When encountering malicious iframes and other scripts, the browser obediently does what the website tells it to do, including downloading a file as many times as the HTML scripts order.

When informed of this “carpet bombing” vulnerability (as researcher Billy (BK) Rios has dubbed it), Apple agreed that it might be good if Safari actually checked with the user before downloading potentially vicious files, but signaled that that kind of addition wasn’t much of a priority.

“Please note that we are not treating this as a security issue, but a further measure to raise the bar against unwanted downloads,” someone from Apple’s security team told Dhanjani. “We want to set your expectations that this could take quite a while, if it ever gets incorporated.”

This is unfortunate because the vulnerability allows miscreants to dump hundreds of malicious files into a user’s default download location (in Windows it’s the desktop and in OS X it’s the download folder). As Nate McFeters at the Zero Day Blog sees it, it wouldn’t be hard for a rogue site to load up a desktop with dozens of booby-trapped “My Computer” icons that look like the real Windows icon and wait for a confused user to accidentally click on them.

http://www.theregister.co.uk/2008/05/15/apple_safari_carpet_bombing_vuln/

I would have thought that Secunia would consider this a security vulnerability as they did with the same issue with other browsers, which those browsers patched.

I guess since it’s an Apple product, it’s considered in a different league. :slight_smile: