After three days of attack beside prevailing hackers, a laptop running Ubuntu remain untouched while two others, running Mac OS X and Windows Vista Service Pack 1, succumbed.
The attacks be launch at the CanSecWest PWN 2 OWN clash delimited by Vancouver, Canada.
This be sponsor by guarantee inflexible TippingPoint, a divergence of 3Com (Nasdaq: COMS) , and held March 26-28, lower than its Zero Day Initiative (ZDI).
ZDI be a program in advocate of enjoyable security researchers for responsibly disclose vulnerabilities.
The three machines self attack were a MacBook Air running the indiscriminate revision of Mac OS X, 10.5.2; a Fujitsu U810 notebook running Windows Vista Ultimate SP1; and a Sony Vaio VGN-TZ37CN running Ubuntu 7.10.
All three of interest the account existing security patch install.
The perfectly communication is that all three were not suggestible to attacks over and done with the network by the operating system themselves, which was what the hackers were narrow to on the starting daytime of the contest.
The second day saw a adjustment in the rules, with the breadth of attacks widen. The hackers were allowed to deride pennon defaulting installed client-side application such using browsers; or to dupe user into cylinder e-mails with links leading to malware or that integrated malware; or to trick users into visit Web site any plus malware or with links that lead to malware.
The magistrates arranged which installed client-side applications were standard default items.
The MacBook Air go downhill in account while the Fujitsu running Windows Vista survive into the second day in olden times succumb.
Charlie Miller, Jake Honoroff and Mark Daniel from Independent Security Evaluators compromise the MacBook Air by sending it to a Web place on which they had installed an cash in on that take remunerate of a brand new zero-day defencelessness in the Safari Web browser.
Shane Macaulay, Derek Callaway and Alexander Sotirov of Security Objectives compromised Windows Vista by exploit a before unknown scraggy thorn in the latest version of Adobe (Nasdaq: ADBE) Flash.
No comments:
Post a Comment