Apple plugged the winning vulnerability in the Pwn2own contest on Wednesday in a Safari update. In an update for Safari (3.1.1), Apple fixed the following vulnerabilities: CVE-2008-1026, also known as the flaw that won hacker Charlie Miller $10,000.in the Pwn2Own contest at CanSecWest. This patch covers a vulnerability that allowed a code execution attack via a maliciously crafted Web page. Here's Apple's description: A heap buffer overflow exists in WebKit's handling of JavaScript regular expressions. The issue may be triggered via JavaScript when processing regular expressions with large, nested repetition counts. This may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of JavaScript regular expressions. Affected OSes: Mac OS...