Skip to main content
  1. Home
  2. Mobile
  3. Legacy Archives

Pwn2Own: Safari, iPhone, IE, and Firefox All Fall

Add as a preferred source on Google
Image used with permission by copyright holder

The Pwn2Own contest at the annual CanSecWest conference in Vancouver, British Columbia has become something of a media event for security researchers, a chance for them to step out from behind glowing LCDs and demonstrate that some of the security threats they’ve hinted could impact everyday computer users are real—and pick up some cash money for their efforts. And this year, they did not disappoint: at the Pwn2Own contest, Apple’s iPhone and Safari fell first to security experts, followed in short order by Internet Explorer 8 and Firefox on Windows 7.

On the Macintosh, the star of Pwn2Own this year was again Charlie Miller of Independent Security Evaluators, who picked up the $10,000 top prize by demonstrating a takeover attack on Safari an Apple MacBook Pro that granted complete access to the machine without requiring any physical access—all the Safari user had to do was visit a Web site with malicious code. Miller won $10,000 n 2008 for breaking into a MacBook Air, and $5,000 last year by exploiting another security loophole in Apple’s Safari browser.

Recommended Videos

Dutch security researcher Peter Vreugdenhil also won $10,000 for a security exploit that bypassed security features in Microsoft’s Internet Explorer 8. A researcher from the UK’s MWR InfoSecurity named Nils—no last names, please—picked up another $10,000 for an exploit targeting Firefox on the the 64-bit version of Windows 7. Last year, Nils picked up $15,000 for a collection of exploits that targeted Firefox, Safari, and Internet Explorer 8.

Perhaops the star of the show, however, was Apple’s iPhone, which fell victim to Ralf Philipp Weinmann and Vincenzo Iozzo, of the University of Luxembourg and the German company Zynamics (respectively), who will share a $15,000 prize.

Researchers aren’t sharing the specifics of their attacks with the general public, in order to give browser and operating system developers a change to patch the loopholes. However, Miller’s attack on Safari is being described as so reliable that, in information security terms, it’s “weaponized.” Vreugdenhil’s attack on IE8 was a four-part process that exploited two separate vulnerabilities; as with Miller’s Safari attack, it launched from a user connecting to a Web site containing malicious code. Nils’ attack on Firefox exploited a memory corruption bug.

Weinmann and Iozzo’s attack on the iPhone also involved visiting a site bearing malicious code; the technique bypassed the iPhone’s code-signing requirement and could be used to access an iPhone’s SMS database, contacts, photos, or other data.

The Pwn2Own contest is sponsored by TippingPoint’s Zero Day Initiative.

As of the start of the second day of the Pwn2Own contest, Google’s Chrome 4 remains the only browser left standing…but that’s probably because it wasn’t tested at all on the first day.

Geoff Duncan
Former Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
The best phones in 2026: our 14 favorite smartphones right now
We tested phones across all price brackets so that you can make the best pick based on your needs and budget.
Google Pixel 10 Pro Fold vs Galaxy Z Fold 7 cameras

Choosing the right smartphone in 2026 is no easy task. Apple and Android manufacturers now have strong options at almost every price, while better cameras, longer battery life, improved software support, new AI features, and more refined foldable designs have made the market more competitive than ever. But picking one is not easy, especially if your budget is tight, or you are just legitimately concerned about getting the best value for your money and need a reliable daily driver for long-term usage.

We have tested and compared the leading smartphones available today, looking beyond the spec sheet to see how they actually perform in daily use. Camera quality, battery life, performance, display quality, software, design, and long-term value all play a part in our recommendations. Whether you are looking for a powerful flagship, a dependable budget phone, a compact device, or a foldable, this guide should help narrow down your choices.

Read more
Snapchat Planets Meaning: Order, Rankings, and How Friend Solar System Works
Snapchat Planets turns your best friends list into a solar system, and yes, your orbit says a lot
Snapchat Planets being shown on the Snapchat app on iPhone.

Snapchat+ includes several exclusive features, but few have generated as much curiosity as Snapchat Planets. Part of the app's Friend Solar System, it transforms your Best Friends list into a planetary ranking, assigning each of your top eight friends a planet based on how often you interact.

From Mercury, which represents your closest friend, to Neptune, which represents your eighth closest, the system offers a quick visual snapshot of your interactions. But what do the different planets actually mean, and how does Snapchat decide who gets which one?

Read more
How to use WhatsApp Web
We'll show you how to use WhatsApp on your desktop or laptop
WhatsApp Web

As one of the most popular messaging services, you’ve already heard of WhatsApp. From its humble beginnings in 2009—two years before Apple introduced iMessage—to its acquisition by Facebook (now Meta) in 2014, WhatsApp has become the dominant messaging platform around the globe.

In recent years, it's grown even more potent with new features like video messages, self-destructing voice messages, the ability to edit sent messages, and more. We even finally got an WhatsApp iPad app in May 2025.

Read more