Mac OS X Hacked - Vista SP1 Hacked – Ubuntu Linux Survives Unscathed

Ubuntu 7.10 is the only operating system that has survived unscathed from a hacking competition hosted by CanSecWest Vancouver 2008 and sponsored by TippingPoint's Zero Day Initiative. Outside of the Canonical distribution of the Linux operating system, Apple's Mac OS X Leopard was the first to be owned in day 2 of CanSecWest with Windows Vista Ultimate Service Pack 1 next on the last day. All the platforms which have been used as targets in the competition were fully updated with the latest released security patches. But while Mac OS X 10.5.2 Leopard was hacked via a zero-day vulnerability in Safari 3.1, Vista Ultimate SP1 was owned through a zero-day security flaw in Adobe's Flash, and not through a whole in the operating system or any of its default components.

"Congratulations to Shane Macaulay from Security Objectives - he has just won the Fujitsu U810 laptop running Vista Ultimate SP1 after it was installed with the latest version of Adobe Flash. Not only is he the official winner of the Fujitsu laptop, but also $5,000 from us. Shane received some assistance from his friends Derek Callaway (also from Security Objectives) and Alexander Sotirov. If you'll also remember, Shane Macaulay was Dino Dai Zovi's on-site team member at last year's PWN to OWN event in which they ultimately took the top prize," reads a message from TippingPoint.

Windows Vista Ultimate SP1 managed to survive a siege of no less than two hours before it was hacked. The organizers permitted security researchers to hack not only the operating systems, but also a number of widely spread applications including Adobe PDF, Flash, Silverlight, Outlook/Outlook, Express, Firefox, Safari, iChat, Apple Mail, Skype, Adium, Pigdin, Kmail, Thunderbird, Evolution, mutt, AOL, Yahoo!, and MSN official IM clients and Java/JRE. With the conference now over, Ubuntu 7.10 is the only platform that was intact, managing in this context to support the perspective that Linux simply offers more in terms of security than Mac OS X and Windows.

"The new Adobe Flash 0day vulnerability that Shane exploited has been acquired by the Zero Day Initiative, and has been responsibly disclosed to Adobe who is now working on the issue. Until Adobe releases a patch for this issue, neither we nor the contestants will be giving out any additional information about the vulnerability," TippingPoint added.

MORE RELATED ARTICLES: Whatever You Do, Do Not Download XP SP3 and Windows 7 from Torrent Trackers Vista Ultimate SP1 vs. OS X Leopard 10.5.2 vs. Ubuntu 7.10 Microsoft Prepares Its Vista SP1 Heavy Guns – Will Linux and Mac OS X Be Hurt? Firefox 3.0 Beta 4 Download Now! Look Forward to Firefox 3.0 Beta 5 IE8 Beta 1 Does Not Install on Pre-RTM Vista SP1 Forget XP SP3, Vista SP1 and Windows 7 – Microsoft's Singularity OS Free Download Will Vista SP1 Trample XP SP3, OS X and Linux in Its Way to the Top?