Pwn2Own 2016: Once again, major browsers were targeted by hackers who took part in the two-day Pwn2Own security contest.
In this two-day period, security gaps were presented in Google Chrome, τον Microsoft Edge, και το Safari της Apple. Απονεμήθηκαν συνολικά 460.000 δολάρια για 21 vulnerable points discovered in the three browsers, Windows, OS X, and of course Flash.
The total of last year's profits was 557.500 dollars.
The annual PWN2own competition is held every year since 2007 at congress for CanSecWest security.
The aim of the competition is to infringement widely used software and mobile devices with undisclosed vulnerabilities. The reward is cash and prizes.
The name of the contest comes from the fact that contestants have to Pwn (another way to say "hack") the device in order to become "their" (to Own or 2Own)
Of the three browsers, Chrome went better. Two attempts were made to violate the program: One failed and the other was judged to be a partial success. The last exploit had already been reported to Google, so it did not yield any profits to the hacker.
But Edge and Safari did not manage to escape from any attack. Two attempts were made in the Microsoft browser and three attempts in the Apple browser.
All attempts were successful (2 / 2 for Edge and 3 / 3 for Safari). The biggest prize money for a single effort was $ 85.000 for a Microsoft Edge pwning.
The 21 security gaps shown:
- Microsoft Windows: 6
- Apple OS X: 5
- Adobe Flash: 4
- Apple Safari: 3
- Microsoft Edge: 2
- Google Chrome: 1 (already reported to the company)
Firefox is completely missing from the list.
https://www.youtube.com/watch?v=DOmzWKW-mto
https://www.youtube.com/watch?v=Sh8pveFv2DI