Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Pwn2Own 2017: Experts Hack Edge, Safari, Ubuntu

Bug bounty hunters have managed to hack Microsoft Edge, Safari, Ubuntu and Adobe Reader on the first day of the Pwn2Own 2017 competition taking place these days alongside the CanSecWest conference in Vancouver, Canada.

Bug bounty hunters have managed to hack Microsoft Edge, Safari, Ubuntu and Adobe Reader on the first day of the Pwn2Own 2017 competition taking place these days alongside the CanSecWest conference in Vancouver, Canada.

The prize pool for this year’s event is $1 million and 11 teams have signed up to hack products in four categories. On the first day of the competition, participants earned a total of $233,000 for the exploits they disclosed.

A team from Chinese security firm Qihoo360 earned $50,000 for hacking Adobe Reader on Windows. The hackers leveraged remote code execution and information disclosure vulnerabilities in Windows, and a JPEG2000 heap overflow in Reader to complete the task.

Adobe Reader was also cracked by Team Sniper from Tencent Security, which exploited use-after-free and information disclosure flaws to achieve code execution, and a use-after-free in the kernel to obtain SYSTEM-level permissions. The team earned $25,000 for its exploits.

Researchers Samuel Groß and Niklas Baumstark earned $28,000 for hacking Apple’s Safari web browser using a combination of a use-after-free flaw, three logic bugs and a null pointer dereference. Their attempt was only partially successful, but they did earn style points for displaying a special message on the targeted Mac’s touch bar.

The Beijing-based Chaitin Security Research Lab earned $35,000 for gaining root access to a Mac through Safari. The team exploited six flaws, including one information disclosure, four type confusions and a use-after-free.

The same team also successfully hacked Ubuntu Desktop via a heap out-of-bounds access in the Linux kernel, which earned them $15,000. It’s worth noting that this is the first Pwn2Own where participants get rewarded for finding local privilege escalation vulnerabilities.

The highest reward of the first day, $80,000, was earned by Tencent Security’s Team Ether, which managed to hack Microsoft’s Edge browser using an arbitrary write bug in Chakra and a logic bug to escape the sandbox.

Advertisement. Scroll to continue reading.

Each of these contestants also earned Master of Pwn points, and the researcher or team with the highest total will receive 65,000 ZDI reward points, which are worth roughly $25,000.

Team Ether had signed up to hack Windows as well, but they withdrew the entry. Researcher Ralf-Philipp Weinmann, who targeted Edge, also withdrew his entry. Richard Zhu and Team Sniper failed to hack Safari and Google Chrome, respectively, in the allocated timeframe.

Related: Pwn2Own 2016 – Hackers Earn $460,000 for 21 New Flaws

Related: Nexus 6P, iPhone 6S Hacked at Mobile Pwn2Own 2016

Related: Researchers Awarded $552,500 at Pwn2Own 2015

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Madhu Gottumukkala has been named Deputy Director of the cybersecurity agency CISA.

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

Phil Venables, former CISO of Google Cloud, has joined Ballistic Ventures as a Venture Partner.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.