Safari Exploits Demonstrated At Pwn20wn 2018

It is rare if not impossible that software is completely invulnerable to hacks or exploits, which is why updates are important and why companies reward developers who discover bugs or possible hacks. In fact recently at the Pwn20wn 2018 event, several Safari exploits were demonstrated.

During the event, security researchers who were in attendance managed to exploit Safari not just once, but twice, with one exploit being successfully taken advantage of within the competition’s 30-minute, 3 try guidelines, while the second exploit took four attempts. Regardless of the number of attempts, the fact that these exploits existed is the key takeaway.

One of the hacks involved overwriting the kernel and execute code that exploited the browser, while the other used a couple of Safari vulnerabilities to execute a sandbox escape. The successful researchers were awarded $65,000 and $55,000 respectively. However the good news is that naturally representatives for the companies were in attendance, including Apple.

They were also made aware of all security vulnerabilities that were discovered during the competition so that they can be patched in future software updates. It is unclear as to when these updates will be issued, but hopefully these exploits aren’t too severe where they might have disastrous consequences if exploited for real.

Tyler Lee
Categories: Apple, Computers
Tags: Apps, Hack, iOS, macOS, safari, Security