Safari just got served. At this year’s Pwn2Own conference, security firms and enthusiasts are doing their very best to discover and deploy exploits to some of the world’s most popular browsers. Chrome, Firefox, Internet Explorer, and Safari, they’re all on the menu for conference attendees and some have definitely faired better than others. Google issued a challenge, promising $20,000 to any person or team that could crack Chrome on the conferences opening day, but the two teams scheduled to take a swing backed down. Firefox is, for the time being, still standing, and, per usual, Microsoft’s Internet Explorer was taken down without much fuss. But which browser faired the worst? That would be Apple’s Safari. A French security research firm named Vulpen managed to break into Safari running on a MacBook Air in a cool five seconds. The company noted that the Safari update issued by Apple yesterday — version 5.0.4 — fixes some of the vulnerabilities, but not all. The takedown of Safari 5.0.3 used exploits that are still available in the updated code base. Go ahead Apple detractors, have a little fun in the comments section. More →
While investigating several Android Market applications that appeared to be duplicates, Reddit user lompolo discovered several apps that provide an extra, and definitely unwanted, service. The applications in question contain an exploit that, when downloaded, automatically root the Android handset. Not only that, the apps — 21 in total — also contain an embedded .apk file that can accept remote code and upload device information (like your IMEI) to a server in California. The malicious bundles were published by user Myournet and some of the individual applications have been downloaded over 50,000 times each. Once alerted of the potential malware, Google investigated and removed the code from the Market and users handsets. Unfortunately, that doesn’t have any effect on data already compromised by downloaders of the rogue applications. Google has yet to publicly comment on the incident.
UPDATE: More information about the exploit and affected applications can be found here. More →
The digital rights management (DRM) security used by Microsoft to protect apps in its Windows Phone 7 Marketplace has been cracked, enthusiast blog WPCentral reports. Though the technology needed to do so is not yet in the hands of the general public, the DRM protecting paid applications can now easily be stripped off of apps. If details of the vulnerability used to achieve the DRM crack are made available to the public, unscrupulous programers could use the exploit to develop software that allows users to steal applications and deploy them to Windows Phone 7 devices. Microsoft has not publicly responded to the security hole, though WPCentral claims the company has been made aware of the issue. Hit the break to see Microsoft’s Windows Phone 7 Marketplace security being manhandled in a proof-of-concept video demonstration. More →
Dear hardware OEMs: Resistance. Is. Futile. It seems as though the gang over in the IRC channel #G2Root xda-developers have found a permanent rooting solution for T-Mobile’s HTC G2 handset. As you may recall, the rooting community ran into a little hiccup with the Android 2.2 device due to an auto-restore feature aimed at helping the average consumer un-brick their handset. The new solution comes just days after HTC released the source code for the G2 on their website. The root exploit for the G2 is far from production-ready, but it does look like the software is well on its way to getting the one-click treatment.
UPDATE: Quick correction — As Aaron pointed out in the comments, the G2 root was originally discovered by members of the #G2root IRC channel; an XDA forum member announced it. Thanks, Aaron!
[Via Android Spin] More →
Adobe released a security bulletin today warning of a critical, zero-day vulnerability in their Reader and Flash Player software. The bulletin notes that an unpactched system could “crash [your system] and potentially allow an attacker to take control of the affected system.” The vulnerability is affecting:
- Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems
- Adobe Flash Player 10.1.95.2 and earlier for Android
- Adobe Reader 9.4 and earlier 9.x versions for Windows, Macintosh and UNIX
- Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh
- Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Adobe Reader for Android is not affected by this issue.
Adobe is promising an update to fix the issue by November 9. Hit the read link to read more and for mitigation instructions for your specific platform. More →
If you picked yourself up a second generation AppleTV, or plan to, it looks like you’ll be able to get your jailbreak on; assuming you’re into that sort of thing. Dev-team member MuscleNerd has posted a one-minute YouTube video showing Apple’s little black-box running a jailbroken firmware. Complimenting that, the dev-team has also managed to decrypt the AppleTV’s encryption keys. Hit the jump to see the video and hit the read link to check out the keys. More →
UPDATE: Bob Lord, Twitter’s security chief, has put up an official blog post explaining exactly what happened this morning. You can read that article here. More →
UPDATE: Bob Lord, Twitter’s security chief, has put up an official blog post explaining exactly what happened this morning. You can read that article here.
Adobe has revealed a critical, zero day exploit in Adobe Flash that is affecting WIndows, Macintosh, Linux, Solaris, and Android systems. Adobe does not provide much detail about the issue, but does state that the vulnerability could “cause a crash and potentially allow an attacker to take control of the affected system.” The post states that at present, only Flash Player for Windows is being actively exploited. This is the second critical vulnerability being reported by Adobe in under 7 days. Updates on the zero day bug and forthcoming patch can be found on Adobe’s security bulletin website, found here. More →
If you have an older model iPhone, and are envious of the HDR photographic-prowess of the iPhone 4, there is still hope; albeit hope with a fairly long list of prerequisites. iPhone tinkerer Will Strafach has tweeted that he: “Made a Cydia tweak to allow HDR photos on 4.1 for the iPhone 3G and 3G[s].” So, when that rumored iOS 4.1 jailbreak is released you can take your jailbroken, iPhone 3G or 3GS and get the HDR goodies. There are a lot of “ifs” and “whens” in there… but it’s better than nothing. More →
That latest exploit from @pod2g confirmed to work beyond iPhone4…also on at least iPad and yesterday’s iPod4G too :)
Great news for all those who prefer their iDevices jailbroken. No time estimate has been given by the dev-team or others as to when we could potentially see the exploit tools in the wild; we’ll keep you up to date on any progress that is made. More →
Comex, the developer of the jailbreakme.com 2.0 website, has released the source code for the PDF exploit found in un-patched versions of Apple’s iOS mobile operating system. The code has been called “impressive” and “dangerous” by some security analysts. The exploit has the ability to install malicious code on a users iOS device by simply visiting a webpage crafted to run the code. If you do not plan on jailbreaking your iOS device, we recommend updating to iOS 4.0.2 to remove the vulnerability. If you are already jailbroken, we suggest installing the “PDF Fix” patch from Cydia.
[Via Macworld] More →
Apple has just released an update to iOS, labeled iOS 4.0.2. The update, amongst other things, plugs the PDF security hole most notably used by the website jailbreakme.com. The update is available for the iPhone 3G, 3GS, and 4, iPod Touch 2G and 3G, as well as the iPad. If you have a jailbroken device, or think you might want to jailbreak your device at some point, we would recommend against applying this update. Everyone else, have at it!