• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Security and Privacy / Pwn2Own 2017 results

Pwn2Own 2017 results

2017-03-16 by Jason

As the second year under Trend Micro’s ownership, the popular hacking event Pwn2Own is celebrating its 10 year anniversary.

The targets this year include VMware Workstation, Microsoft Hyper-V, Google Chrome, Microsoft Edge, Mozilla Firefox, Adobe Flash in Microsoft Edge, and Apple Safari. There are also demonstrations of local Escalation of Privilege bugs against Windows, macOS, and Ubuntu Desktop. Enterprise applications are also being added this year with Adobe Reader, Microsoft Word, Excel, and PowerPoint being include. Another new category is server-side exploits with Apache Web Server on Ubuntu Server as the target.

Day One

Day one got off to a successful start.

  • 360 Security targeted Adobe Reader successfully for $50,000.
  • Samuel Groß and Niklas Baumstark were partially successful against Apple Safari with an escalation to root on macOS for $28,000.
  • Tencent Security – Team Ether successfully exploited Microsoft Edge for $80,000.
  • Chaitin Security Research Lab successfully exploited Ubuntu Desktop for $15,000.
  • Tencent Security – Team Ether withdrew this attempt against Microsoft Windows.
  • Ralf-Philipp Weinmann withdrew from an attempt against Microsoft Edge.
  • Tencent Security – Team Sniper failed against Google Chrome within the time limit.
  • Tencent Security – Team Sniper succeeded against Adobe Reader for $25,000.
  • Chaitin Security Research Lab succeded with an exploit of Apple Safari with an escalation of privilege on macOS for $35,000.
  • Richard Zhu failed to exploit Apple Safari within the allotted time.

In total, $233,000 was paid out in Day 1 of Pwn2Own 2017. The one with the most Master of Pwn points at the end of the contest will receive an additional $25,000.

For more details, you can view the Trend Micro day 1 recap and their video below.

Day Two

Day two of Pwn2Own 2017 added a second track to focus on the macOS line.

  • 360 Security successfully exploited Adobe Flash with an elevated SYSTEM bug earning $40,000.
  • Tencent Security – Team Shield withdrew from an Apple macOS attempt.
  • Tencent Security – Team Sniper succeeded against Adobe Flash with a SYSTEM level escalation for $40,000.
  • 360 Security succeeded against Apple macOS for $10,000.
  • Tencent Security – Lance Team succeeded against Microsoft Edge with a SYSTEM level escalation for $55,000.
  • 360 Security succeeded against Apple Safari with escalation to root on macOS for $35,000.
  • Tencent Security – Sword Team was disqualified in this attempt for using known bugs against Microsoft Edge.
  • Chaitin Security Research Lab succeeded against macOS for $10,000.
  • Tencent Security – Lance Team withdrew in this attempt against Windows.
  • Tencent Security – Team Sniper was disqualified in this attempt for using known bugs against Apple macOS.
  • Tencent Security – Team Shield withdrew in this attempt against Microsoft Edge.
  • Moritz Jodeit, Blue Frost Security failed to exploit Mozilla Firefox within the time limit.
  • Tencent Security – Team Sniper succeeded against Microsoft Edge with a SYSTEM-level escalation for $55,000.
  • Chaitin Security Research Lab succeeded against Mozilla Firefox with a SYSTEM-level escalation for $30,000.
  • 360 Security succeeded against Windows for $15,000.
  • Tencent Security – Team Sniper succeeded against Apple Safari with escalation to root on macOS for $35,000.
  • Tencent Security – Team Sniper succeeded against Windows for $15,000.

For more details, you can view the Trend Micro day 2 recap and their video below.

Day Three

The last day of Pwn2Own 2017 brought three more successful attempts at compromising the targets and over $250,000 being given away.

  • 360 Security succeeded against Microsoft Edge with a SYSTEM-level escalation and a virtual machine escape for $105,000.
  • Richard Zhu succeeded against Microsoft Edge with a SYSTEM-level escalation for $55,000.
  • Tencent Security – Team Sniper succeeded against VMWare Workstation for $100,000.

For more details, you can view the Trend Micro day 3 recap.

360 Security was crowned the Master of Pwn at Pwn2Own 2017 with the most points and earning an extra $25,000 for the title.

Filed Under: Featured, Security and Privacy Tagged With: exploits, hacking, pwn2own

Trending

  • How to fix input lag in games on Windows 10
    In Operating Systems, Tech Solutions
  • Comparison shopping USB 3.0 drives
    In Hardware, Gadgets, and Products
  • HP Smart Install for printers makes me look dumb
    In Hardware, Gadgets, and Products

Latest Media Posts

Find Out Where To Download SNES ROMs

Find Out Where To Download SNES ROMs

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

  • Popular
  • Latest
  • Today Week Month All
  • How to ‘Unblock’ multiple files at a time with PowerShell How to 'Unblock' multiple files at a time with PowerShell
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • Command line to take ownership and change permissions Command line to take ownership and change permissions
  • Creating and editing views in phpMyAdmin Creating and editing views in phpMyAdmin
  • Configure Outlook to recurring appointments for the last weekday of the month Configure Outlook to recurring appointments for the last weekday of the month
  • How to Purchase Cryptocurrencies? How to Purchase Cryptocurrencies?
  • Top 6 necessary aspects to consider when hiring Angular developers Top 6 necessary aspects to consider when hiring Angular developers
  • Full guide on drawbacks and benefits of Node.js for making the perfect choice for your business Full guide on drawbacks and benefits of Node.js for making the perfect choice for your business
  • Benefits of End-To-End Testing That Will Match Company Expectations Benefits of End-To-End Testing That Will Match Company Expectations
  • 3 Key Features of Pets Health Monitoring Systems 3 Key Features of Pets Health Monitoring Systems
Ajax spinner

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

  • How to Purchase Cryptocurrencies?
  • Top 6 necessary aspects to consider when hiring Angular developers
  • Full guide on drawbacks and benefits of Node.js for making the perfect choice for your business

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2023 · Magazine Pro Theme on Genesis Framework · WordPress · Log in