Pwn2Own 2017 Sets Record on Day 2

Pwn2Own, the annual hacking contest sponsored by the Zero Day Initiative (ZDI) and Trend Micro, has set a record for successful exploits, logging 17 entries with 11 successful attempts.

The record came on the second day of the event, which is celebrating its 10-year anniversary. In total, contestants were awarded $340,000 and 97 Master of Pwn points for the day’s unique research.

According to Trend Micro’s results blog post, Track A focused on Adobe and Microsoft products and resulted in the successful exploits of Adobe Flash, Microsoft Edge and Microsoft Windows. ZDI awarded $220,000 and 60 Master of Pwn points to Track A contestants.

Additionally, contestants on Track B looked at Mozilla and Apple products. The teams competing were able to successfully exploit Apple Safari and Mozilla Firefox, resulting in $120,000 and 37 Master of Pwn Points.

On Day 1, contestants were awarded $233,000 and 45 points for Master of Pwn, with five successful attempts (and 20 different bugs in the successful exploits), one partial success, two failures and two entries withdrawn.

This year’s contest features the largest ever amount of prize money up for grabs, with more than $1 million up for the taking. This year's event features 11 teams of contestants targeting products across five categories—30 different attempts in total. Each contestant has three attempts within their allotted timeslot to demonstrate the exploit. The categories are: Virtual Machine Escape (Guest-to-Host); Local Escalation of Privilege; Web Browser and Plugins; Enterprise Applications and Server Side.

What’s Hot on Infosecurity Magazine?