Top

The Results of Pwn2Own 2011

As previously reported, Pwn2Own took place Wednesday through Friday at CanSecWest this past week. Although, the TippingPoint blog wasn’t updated as the source of winners, we can report the browsers or mobile devices that were compromised based on reports coming out of the conference.

Browsers

“Safari goes down first at #pwn2own

“Stephen Fewer @stephenfewer just successfully compromised Internet Explorer (complete with a Protected Mode bypass) at Pwn2Own.”

The exploit used to exploit IE8 is not present in IE9, which ships on Monday.

Chrome and Firefox, the other browsers in the contest, went unchallenged.

Mobile Devices

The Apple iPhone 4 and RIM’s Blackberry Torch 9800 were both successfully compromised on day 2 of the contest.

Android and Windows Phone 7 based devices survived the challenge.

It was a vulnerability in WebKit that allowed the Blackberry to be compromised. Google has responded by patching the exploit in their WebKit-based Google Chrome.

Reports

Ars Technica has good write-ups on Day 1 and Day 2 of Pwn2Own 2011. In those write-ups you’ll find a lot more details of the winners and some of the compromises.