Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own.

During the third day of the Pwn2Own hacking contest, security researchers were awarded $185,000 after demonstrating 5 zero-day exploits targeting Windows 11, Ubuntu Desktop, and VMware Workstation virtualization software.

Ubuntu Desktop operating system was hacked three times by three different teams, although one of them was a collision with the exploit being previously known.

The three working Ubuntu zero-days were demonstrated by Kyle Zeng, Mingi Cho, and Bien Pham.

A fully patched Windows 11 system was hacked again at Pwn2Own, with Thomas Imbert earning $30,000 for a bug.

The STAR Labs team used an uninitialized variable and UAF exploit chain against VMware Workstation for an $80,000 award.

During the three days of this year's Pwn2Own Vancouver 2023 contest, security researchers earned $1,035,000 and a car for 27 zero-day exploits demoed.

The winners of the competition are Synacktiv, who earned $530,000 and a Tesla Model 3 car for their exploits.

Vendors have 90 days to patch the zero-day bugs demoed and disclosed during Pwn2Own before Trend Micro's Zero Day Initiative will publicly release technical details.

Post a Comment