WebKit Fix for Charlie Miller’s Contest-Winning Exploit

His CanSecWest contest-winning exploit took advantage of an overflow bug in the PCRE regex library used by WebKit’s JavaScript engine.

(Speaking of WebKit fixes, here’s another recent one: a fix for the no-blank-line-after-attribution bug in Mail.)

Saturday, 29 March 2008