Samsung Galaxy S4 and iPhone 5 zero-day exploits revealed at Pwn2Own 2013 Contest

At Information Security Conference PacSec 2013 in Tokyo, Apple’s Safari browser for theiPhone5 and theSamsung Galaxy S4have been exploited by two teams of Japanese and Chinese white hat hackers.
In HP's Pwn2Own 2013 contest ,Japanesesquad Team MBSD, of Mitsui Bussan Secure Directions won won $40,000 reward for zero day exploit for hacking Samsung Galaxy S4. The vulnerabilities allow the attacker to wholly compromise the device in several ways, such as using a drive-by download to install malware on the phone.
In order for the exploit to be successful, the group lured a user to a malicious website, gained system-level privileges and installed applications that allowed the team to gather information, including SMS messages, contacts and browsing history. They
Another Hackers Team from Keen Cloud Tech in China showed how to exploit avulnerabilityiniOSversion 7.0.3 to steal Facebook login credentials and a photo from a device running iOS 6.1.4. They won $27,500 in prize money. Keen Team is the first everChinesewinners of anyPwn2Owncompetition.
Both hacks would require user interaction, but took no longer than five minutes to perform. Organisers from the HP Zero Day Initiative have informed Samsung and Apple about thezero-dayflaws and they will be working to address.