Security researcher Charlie Miller has shown how he can hack into a MacBook notebook in a matter of seconds, via a Safari exploit that currently remains unaddressed. The demonstration was part of Pwn2Own 2009, a competition in which hackers attempt to break various platforms in the fastest time possible, taking away both a prize fund (in Miller’s case $10,000) and the machine they hacked.
The exploit was performed on a fully-patched Apple MacBook, and presented users with a single link which, when clicked, allowed Miller to take control of the notebook. Full details of the hack have been acquired by the TippingPoint Zero Day Initiative, which will coordinate with Apple to patch the vulnerability.
Another security researcher going by the pseudonym “Nils” later demonstrated a second Safari hack, as well as breaking through IE8 and Firefox’s defences. He took away a Sony VAIO notebook running Windows 7, together with a cash prize.