Hackers Expose Safari's Flaws in 5 Seconds

When it comes to browser security, Internet Explorer usually gets ridiculed and beaten up the most. And though Microsoft's IE8 was quickly unraveled at Pwn2Own, Apple's Safari 5 was hugely embarrassed by getting hacked in five seconds flat.

Shortly after a team from the French security company Vupen scored $15,000 and a new MacBook Air for cracking Safari 5.0.3 open like an egg, Apple patched 62 vulnerabilities in the browser and released Safari version 5.0.4.

Meanwhile, Google's Chrome 9 browser went unchallenged. Two teams pre-registered to take Chrome down. The first contestant was a no-show and the second decided to focus instead on his hack of RIM's BlackBerry OS. Though it's a little unfair that Chrome walked away proud and untouched, it's also great accidental PR.

Today Mozilla's Firefox 3.6 will stand up to challengers, as well as a slew of smartphone operating systems: iOS, Blackberry OS, Android, and Windows Phone 7.

Two weeks before Pwn2Own started, the browsers were "frozen" so that researchers could have a stationary target to hack. But now Safari has been updated, Chrome has delivered version 10, IE 9 arrives on March 14, and Mozilla has issued the first release candidate of Firefox version 4.0, so wait on these new releases' impending vulnerabilities before you believe Safari is the most vulnerable browser in existence.

Subscribe to the The Advisor Newsletter

Comments