Apple Safari hacked in matter of seconds
Security researchers also take control of Internet Explorer 8 and Firefox in the space of a day for a hacking contest - which Microsoft supports.

A security researcher has hacked into a fully-patched Macbook in seconds by exploiting a security flaw in Apple's Safari browser, according to reports.
Security analyst Charlie Miller won a thousand dollar prize and a new Macbook at Canada's CanSecWest security conference in its Pwn2Own contest, an annual hacking competition pitting researchers against browser technologies.
Ryan Naraine, a security evangelist for Kaspersky, was twittering and blogging from the event.
Naraine said that Miller used a drive-by exploit that he had already tested carefully, after coming to the conference with a plan to hack into the browser.
Miller said: "It took a couple of seconds. They clicked on the link and I took control of the machine."
Miller won the contest last year when he managed to hack another fully patched Macbook, that time "only" in minutes.
Naraine said that TippingPoint's Zero Day initiative acquired exclusive rights to the vulnerability and would coordinate the disclosure and patch release process with Apple.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Microsoft's new Internet Explorer 8 browser and Mozilla Firefox lasted longer, but were also hacked in the first day of the conference.
A security researcher called "Nils" took full control off a Sony Vaio running Windows 7 using a drive-by download attack. Microsoft's security response team was reported to have witnessed the exploit.
"Nils" was also the second hacker to beat Safari, and also exploited a Firefox zero-day flaw.
Perhaps surprisingly, Microsoft pledged its support to the competition.
Sarah Blankinship, security strategist for Microsoft's Ecostrat team, said in a blog post that good security dictated that you couldn't hide from the truth and every issue was an opportunity to learn and improve.
She said: "We recognise that all vendors' products may be found vulnerable.
"Microsoft welcomes the contest as another opportunity to engage the security community in productive dialogue around responsible disclosure and effective security engineering."
Apple declined to comment, while Mozilla had not responded to our request for comment at time of writing.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
Mozilla patches high-severity security flaws in new ‘speedy’ Firefox release
News Numerous vulnerabilities across Mozilla's products could potentially lead to code execution and system takeover
By Connor Jones Published
-
Mozilla and Brave release one-click method for online privacy requests
News Mozilla, Brave and other online privacy leaders have released a streamlined way to protect your privacy
By Justin Cupler Published
-
35% of websites still rely on weak SHA-1 encryption
News Google, Microsoft and Mozilla will stop supporting unsecure sites by the end of 2017
By Clare Hopping Published
-
Mozilla uses emoji to teach about encryption
News The company is dedicated to educating the public about the importance of a secure internet
By Emma Flick Published
-
Calls for Java overhaul grow as more security flaws emerge
News Security experts suggest problems in the development cycle of Java could be to blame for recent security woes.
By Caroline Donnelly Published
-
Mac OS X gets first ever crimeware kit
News Mac OS X users are being targeted by the first ever crimeware created for the operating system.
By Tom Brewster Published
-
Firefox 5 set for June launch
News Mozilla ramps up its release schedule to get the next browser version launched as soon as possible.
By Jennifer Scott Published
-
Safari and IE crumble first in Pwn2Own
News Both Safari and Internet Explorer are hacked in super-fast times at Pwn2Own.
By Tom Brewster Published