Originally Posted by RonindeBeatrice
My mother can create a document under her profile, she can delete it, she can run an application from there. Does she have full control of the machine?
"If your mother could create a document under another profile, delete it, and run an application under a different profile. Yes she has full control of the machine."
Sorry just had to correct what had actually happened with this happen so it could be related to your example with your mother.
@the permissions argument.
While yes there are different permissions for a system, the ability to run a program and write/read off a hard drive should be enough to run commands to clear any passwords off any user account, in particular administrative accounts. From there it should not be too difficult to do whatever one wished.
Originally Posted by nathris
Zero day exploits are big news. Apple released a massive security patch before hand, so if the hackers were using an exploit that was patched they would have to try something else.
The IE exploit looks like it was more complicated as well. Its not something where just visiting a website can take over your system.
More then likely the new Apple patch did nothing to the exploit used in the pwn2own event. Also the reason that was mentioned is because a lot of browser companies will update only after the pwn2own event, to prevent them from working hard to crack the new updates.Edited by AsAnAtheist - 3/10/11 at 3:18pm