Pwn2Own 2015 begins today and continues into tomorrow at the CanSecWest conference. The targets for exploitation have been announced and so have the seven contestants that have signed up. Each contestant has 30 minutes to demonstrate their exploit and the order of the contestants will be determined by random drawing.
|Google Chrome (64-bit) on Windows||$75,000||ilxu1a, JungHoon Lee (lokihardt)|
|Microsoft Internet Explorer 11 (64-bit with EPM-enabled)||$65,000||JungHoon Lee (lokihardt), “360Vulcan Team”|
|Mozilla Firefox on Windows||$30,000||ilxu1a, Marius Mlynski|
|Adobe Reader running in Internet Explorer 11 (64-bit with EPM-enabled)||$60,000||KeenTeam, Nicolas Joly|
|Adobe Flash (64-bit) running in Internet Explorer 11 (64-bit with EPM-enabled)||$60,000||KeenTeam, Nicolas Joly|
|Apple Safari (64-bit) on Mac OS X||$50,000||JungHoon Lee (lokihardt)|
Along with the cash prizes for successfully demonstrating an exploit, the HP Omen Notebooks will be up for grabs (where Pwn2Own originates from).
For the results of the contestant attempts, you can continue to watch this article. It will be updated as results are posted. Other sources for updates include the HP Security Research Blog and the Zero Day Initiative Twitter account.
|Targets||Contestant||Results and Prizes|
|Adobe Flash||Team509 and KeenTeam||Success: $60K USD plus $25K (escalation privilege bug)|
|Adobe Flash||Nicolas Joly||Success: $30K USD|
|Adobe Reader||Nicolas Joly||Success: $60K USD|
|Adobe Reader||KeenTeam and Tencent PCMgr||Success: $30K USD plus $25K (escalation privilege bug)|
|Mozilla Firefox||Mariusz Mlynski||Success: $30K USD plus $25K (escalation privilege bug)|
|Microsoft IE11||360Vulcan Team||Success: $32,500 USD|
|Mozilla Firefox||ilxu1a||Success: $15,000 USD|
|Microsoft IE11||JungHoon Lee (lokihardt)||Success: $65K USD|
|Google Chrome||JungHoon Lee (lokihardt)||Success: $75K USD plus $25K (escalation privilege bug) plus $10K bug in Chrome beta|
|Apple Safari||JungHoon Lee (lokihardt)||Success: $50K USD|
|Google Chrome||ilxu1a||Unsuccessful within time limit|