The tenth meeting - hacker contest at Pwn2Own 2017 continues successfully. The products which the teams targeted included operating systems, web browsers, new Enterprise and server-side applications. The competition is held by Trend Micro Security and lasts three days.
The competition was also added as targets Adobe Reader, but also Apache Web Server, by the committee of Pwn2Own 2017.
On the first day of Pwn2Own 2017, teams successfully exploited vulnerabilities in Adobe Reader (twice), Apple Safari (twice), Microsoft Edge, and Ubuntu Desktop. Attacks against Google Chrome and Microsoft Windows have failed.
On the second day, the teams managed to hit the Adobe Flash (twice), Microsoft Edge (twice), Apple Safari, Mac OS X, Mozilla Firefox, but also Windows successfully this time.
Other attacks against Firefox, Windows, Microsoft Edge, Mac OS X, failed, and were blocked.
The third day is expected to see three additional efforts against the following goals: Microsoft Edge (twice), and VMWare Workstation.
Pwn2Own 2017 The results so far:
On the operating system side, three different platforms have been successfully compromised: Windows, Mac OS X, and Ubuntu Desktop.
On the side of browsers, Microsoft Edge, Firefox and Safari have been successfully compromised. An attempt against Chrome failed, and a second attack against Firefox also failed. Both Edge and Apple's Safari have been exploited many times.
On the application side now, Adobe products, Flash player and Reader were violated (unsurprisingly) successfully many times.
Surprisingly, it has been the many times of Edge's breach, which Microsoft mentions as the most secure browser.
It should be mentioned that other browsers based on Chromium, such as Vivaldi or Opera was not among the products the teams chose to compete.
You can see videos with the results of the first day below.
Additional information for this year's Pwn2Own contest are available on the blog TrendMicro Zero Day Initiative.