Hackers expose Safari's flaws in five seconds

Apple patched 62 vulnerabilities and released Safari version 5.0.4 shortly after a team hacked the browser at Pwn2Own.

When it comes to browser security, Internet Explorer usually gets ridiculed and beaten up the most. And though Microsoft's IE8 was quickly unraveled at Pwn2Own, Apple's Safari 5 was hugely embarrassed by getting hacked in five seconds flat.

Shortly after a team from the French security company Vupen scored $15,000 and a new MacBook Air for cracking Safari 5.0.3 open like an egg, Apple patched 62 vulnerabilities in the browser and released Safari version 5.0.4.

Meanwhile, Google's Chrome 9 browser went unchallenged. Two teams pre-registered to take Chrome down. The first contestant was a no-show and the second decided to focus instead on his hack of RIM's BlackBerry OS. Though it's a little unfair that Chrome walked away proud and untouched, it's also great accidental PR.

Today Mozilla's Firefox 3.6 will stand up to challengers, as well as a slew of smartphone operating systems: iOS, Blackberry OS, Android, and Windows Phone 7.

Two weeks before Pwn2Own started, the browsers were "frozen" so that researchers could have a stationary target to hack. But now Safari has been updated, Chrome has delivered version 10, IE 9 arrives on March 14, and Mozilla has issued the first release candidate of Firefox version 4.0, so wait on these new releases' impending vulnerabilities before you believe Safari is the most vulnerable browser in existence.

Join the CSO newsletter!

Error: Please check your email address.

Tags online securityhackersapplicationsbrowser securityMicrosoftbrowserssoftwaresafarimozillaAppleGoogle

More about AppleBlackBerryGoogleMicrosoftMozillaResearch In Motion

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Brennon Slattery

Latest Videos

More videos

Blog Posts