Vista hacked after third day through Adobe flash
It took three days, but Windows Vista was hacked as well. I blogged earlier that the Mac OS fell the fastest, and now Vista has fallen, through of all things a hole in Adobe flash. Maybe I should take everything Adobe off my computer. Reading through...it looks like the judges relaxed the criteria to get to the machine. The rules:
Three targets, all patched. All in typical client configurations with typical user configurations. You hack it, you get to keep it.
Each has a file on them and it contains the instructions and how to claim the prize.
Targets (typical road-warrior clients):
- VAIO VGN-TZ37CN running Ubuntu 7.10
- Fujitsu U810 running Vista Ultimate SP1
- MacBook Air running OSX 10.5.2
This year's contest will begin on March 26th, and go during the presentation hours and breaks of the conference until March 28th. The main purpose of this contest is to present new vulnerabilities in these systems so that the affected vendor(s) can address them. Participation is open to any registered attendee of CanSecWest 2008.
The relaxing of the rules:
The contest, which saw a MacBook Air get hacked on Thursday, relaxed the rules even further. On the first day of the contest, only the operating system could be targeted, but on the second day that was expanded to include standard applications. An undisclosed Safari flaw led to the MacBook Air's downfall through the OS X operating system.
On Friday, hackers could target any "popular" piece of third-party application software that computer users might locate on a system. The Fujitsu laptop, running Windows Vista Ultimate, was compromised by a previously undiscovered flaw in Adobe's Flash software.
http://cansecwest.com/