RSS Feed
18.35
mobileinfo
ComputerWorld-Google has patched WebKit browser chromium deficiency, which is used by a multinational team to hack a smartphone BlackBerry Torch in Pwn2Own.
Although chromium is intact in Pwn2Own, the browser relies on the open source WebKit browser engine and so needed to be patched.
Friday of chrome Google update makes the first developer of browser to Patch vulnerability used in Pwn2Own hacking contest, sponsored by HP TippingPoint and programme for the abundance of bug its initiative for the day to zero (ZDI). Pwn2Own ran Wednesday until Friday and the $ 60,000 in prize money of four individuals or teams.
Last Thursday, Vincenzo Iozzo, Willem Pinckaers and Ralf-Philipp Weinmann, earned $ 15,000 from hacking research in motion BlackBerry Torch with exploit of WebKit vulnerability in the BlackBerry browser. The same day, Dion Blazakis and four-time winner, Charlie Miller use different WebKit deficiency of Apple Safari browser on iPhone 4.
According to Google, Weinmann and Iozzo Pinckaers WebKit bug is "memory corruption in style." Google's assessment of the threat to consumers as "high," the second most poor ranking.
As Google's practice, it blocks access to their error tracking to prevent outsiders to view technical details of just patched vulnerability. Company block public access to disadvantages for weeks or even months, to allow time for users to be updated.
Apple, which will have to Patch the same bug for WebKit that Google considered and that this Blazakis and operated Miller, did not comment on his process for the security update.
Google also gives Weinmann and Iozzo, Pinckaers $ 1,337 from its own programme and bug generosity, adding to its collection of cash for Pwn2Own hack.
Chromium or Mozilla Firefox have been contested in last week's Pwn2Own: researchers, who have previously registered to the browsers do not appear or be withdrawn because they failed to come up with reliable exploits in time for the contest.
Employees of Mozilla and Google touted skills for survival of browsers.
"Whew, Firefox survives # pwn2own 2011 this is Laurel, we are on, but I'm still happy about it," says Brendan Eich, Mozilla's CTO, in tweets last week. "Congrats on chromium survival, too."
"And the two surviving browsers: open source, generosity programs have built-in teams of security, better faster repairs. Match? "tweeted Chris Evans, engineer of the team for the protection of chromium.
Smartphones, Google Android and Microsoft Windows phone 7 operating systems also escaped Pwn2Own Cat.
Last week contest was third consecutive Pwn2Own that Chrome is not used by the researchers. It is the first time for Firefox, since browsers are identified as objectives in 2009.
0 komentar:
Posting Komentar