Personally I have argued with several Tech guys about how safe Apple system and better to use than other systems.

This assertion can not be rejected because its been proven by high security experts. Pw2Own annual contest featured by

many hackers aim at punching holes in the latest operating systems and browsers from major vendors, including Apple as

noted by threatpost reports that the ”Keen Team” focused safari on thursday and exploited it with relative ease.

Safari Browser

Safari Browser

The team took home a $40,000 bounty for their efforts on Safari, as well as a share in a $75,000 prize for co-engineering a zero-day Flash exploit. They say they will donate some of their winnings towards charities representing missing Malaysian Airplane passengers. The group say that for Safari, they used two different exploit vectors. One vulnerability was a heap overflow in

WebKit that enabled arbitrary code execution. The team then used this opening to use another exploit to bypass the application sandbox and run code as if it was user privileged.

According to Chen, one of the pair who represented the Keen Team at Pwn2Own, the WebKit fix is will be easy for Apple to resolve although the sandbox exploit may be harder.

“I think the Webkit fix will be relatively easy,” Chen said. “The system-level vulnerability is related to how they designed the application; it may be more difficult for them.”

That being said, Chen believes that OS X offers better security than its rival operating systems.

“For Apple, the OS is regarded as very safe and has a very good security architecture,” Chen said. “Even if you have a vulnerability, it’s very difficult to exploit. Today we demonstrated that with some advanced technology, the system is still able to be pwned. But in general, the security in OS X is higher than other operating systems.”

In a separate interview with CNET, Chen said that despite the locked-down nature of iOS, Apple’s mobile OS is usually easier to target than OS X because Apple implements newer security safeguards more quickly on the desktop platform.

As usual, Apple representatives observed the exploits at the event so fixes for the issues will likely appear bundled into future software updates for iOS and OS X.

 

Subscribe To Our Tech News & Newsletters

Join our mailing list to receive the latest tech news and updates from our team.

You have Successfully Subscribed!

Share This