Pwn2Own 2016: Once again, major browsers were targeted by hackers who took part in the two-day competition security Pwn2own.
This two -day security gaps were presented on Google Chrome, Microsoft Edge, and Apple's Safari. A total of $ 460.000 were awarded for 21 vulnerable points discovered in the three browsers, Windows, OS X, and of course Flash.
The total of last year's profits was 557.500 dollars.
The annual PWN2own competition is held every year since 2007 at congress for CanSecWest security.
The goal of the contest is to violate widely used software and portable devices with vulnerabilities that have not been made public. The reward is cash and awards.
The name of the contest comes from the fact that contestants have to Pwn (another way to say "hack") the device in order to become "their" (to Own or 2Own)
Of the three browsers, Chrome went better. Two attempts were made to violate the program: One failed and the other was judged to be a partial success. The last exploit had already been reported to Google, so it did not yield any profits to the hacker.
Edge and Safari, however, were unable to escape any attack. Two attempts were made in the Microsoft browser and three attempts in the program Apple browser.
All attempts were successful (2 / 2 for Edge and 3 / 3 for Safari). The biggest prize money for a single effort was $ 85.000 for a Microsoft Edge pwning.
The 21 security gaps shown:
- Microsoft Windows: 6
- Apple OS X: 5
- Adobe Flash: 4
- Apple Safari: 3
- Microsoft Edge: 2
- Google Chrome: 1 (already reported to the company)
The list is completely absent Firefox.
https://www.youtube.com/watch?v=DOmzWKW-mto
https://www.youtube.com/watch?v=Sh8pveFv2DI