|
Apple Patches $10,000 Prize-winning Bug |
Apple has issued a security patch for its Safari Web browser, fixing the flaw that earned one security researcher US$10,000 at the CanSecWest security conference.
The flaw was exploited by Independent Security Evaluators Researcher Charlie Miller to gain access to a MacBook Air computer three weeks ago. It lies in the WebKit open-source HTML rendering engine used by Safari and several other Mac OS X programs.
The bug lay in the way WebKit would process certain specially crafted JavaScript commands. In order to exploit the flaw, Miller had to first make the contest organizers visit a special Web site that contained his malicious JavaScript code.
Read more at: . |