Virtual Event Today: Cyber AI & Automation Summit - Register/Login Now
Connect with us

Hi, what are you looking for?


Application Security

Pwn2Own 2017: Experts Hack Edge, Safari, Ubuntu

Bug bounty hunters have managed to hack Microsoft Edge, Safari, Ubuntu and Adobe Reader on the first day of the Pwn2Own 2017 competition taking place these days alongside the CanSecWest conference in Vancouver, Canada.

Bug bounty hunters have managed to hack Microsoft Edge, Safari, Ubuntu and Adobe Reader on the first day of the Pwn2Own 2017 competition taking place these days alongside the CanSecWest conference in Vancouver, Canada.

The prize pool for this year’s event is $1 million and 11 teams have signed up to hack products in four categories. On the first day of the competition, participants earned a total of $233,000 for the exploits they disclosed.

A team from Chinese security firm Qihoo360 earned $50,000 for hacking Adobe Reader on Windows. The hackers leveraged remote code execution and information disclosure vulnerabilities in Windows, and a JPEG2000 heap overflow in Reader to complete the task.

Adobe Reader was also cracked by Team Sniper from Tencent Security, which exploited use-after-free and information disclosure flaws to achieve code execution, and a use-after-free in the kernel to obtain SYSTEM-level permissions. The team earned $25,000 for its exploits.

Researchers Samuel Groß and Niklas Baumstark earned $28,000 for hacking Apple’s Safari web browser using a combination of a use-after-free flaw, three logic bugs and a null pointer dereference. Their attempt was only partially successful, but they did earn style points for displaying a special message on the targeted Mac’s touch bar.

The Beijing-based Chaitin Security Research Lab earned $35,000 for gaining root access to a Mac through Safari. The team exploited six flaws, including one information disclosure, four type confusions and a use-after-free.

The same team also successfully hacked Ubuntu Desktop via a heap out-of-bounds access in the Linux kernel, which earned them $15,000. It’s worth noting that this is the first Pwn2Own where participants get rewarded for finding local privilege escalation vulnerabilities.

The highest reward of the first day, $80,000, was earned by Tencent Security’s Team Ether, which managed to hack Microsoft’s Edge browser using an arbitrary write bug in Chakra and a logic bug to escape the sandbox.

Advertisement. Scroll to continue reading.

Each of these contestants also earned Master of Pwn points, and the researcher or team with the highest total will receive 65,000 ZDI reward points, which are worth roughly $25,000.

Team Ether had signed up to hack Windows as well, but they withdrew the entry. Researcher Ralf-Philipp Weinmann, who targeted Edge, also withdrew his entry. Richard Zhu and Team Sniper failed to hack Safari and Google Chrome, respectively, in the allocated timeframe.

Related: Pwn2Own 2016 – Hackers Earn $460,000 for 21 New Flaws

Related: Nexus 6P, iPhone 6S Hacked at Mobile Pwn2Own 2016

Related: Researchers Awarded $552,500 at Pwn2Own 2015

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...