This year Pwn2Own held in Vancouver is over and participants from all over the world got a cash prize of about $557,500 collectively by finding 21 critical bugs in Chrome, Firefox, Safari, Internet Explorer 11 and even in Windows OS, Adobe Reader and Adobe Flash.
Let me first tell you what Pwn2Own is? Pwn2Own is a browser security competition that first started in 2007 where security researchers from all over the world and come to show down their talents by finding security flaws in latest browsers such as Chrome, Safari, Firefox and Internet Explorer and in return they get cash prizes.
Each contender gets 30 minutes time to find and demonstrate the bug on a never use machine that runs latest software OS. Though, these contenders have worked for weeks before this competition so that they can complete the work in 30 minutes without fail.
How Browsers Failed
- 4 bugs were found in Internet Explorer tested on Windows 8.1 OS
- 3 bugs were found in Mozila Firefox tested on Windows 8.1 OS
- 2 bugs were found in Safari tested on OS X Yosemite
- 1 bug was found in Chrome tested on Windows 8.1
Winners at Pwn2Own
- JungHoon Lee was the top contender earning a total of $225,000 in Pwn2Own by getting $110,000 for Chrome bug, $50,000 for Safari bug and $65,000 for the Internet Explorer 11 bug. JungHoon Lee made the history of the highest payout for the Chrome browser as it is not easy to exploit.
- Another hacker by the name of 1lxu1a was awarded $15,000 for finding a bug in Firefox in few seconds.
- Team509 and KeenTeam earned $60,000 for finding a bug in Adobe Flash and $25,000 bonus.
- Joly earned $30,000 for finding another bug in Adobe Flash and $60,000 for Adobe Reader exploit.
- Mlynski earned $55,000 for Firefox exploit.
- 360 Vulcan team was awarded $32,500 for finding a bug in 64-bit Microsoft Internet Explorer 11.
So, here’s all the news from this year Pwn2Own competition in which total count of vulnerabilities is 5 in Windows OS, 4 in Internet Explorer 11, 3 each in Mozilla Firefox, Adobe Reader and Flash Player, 2 in Apple Safari and 1 in Google Chrome. As per the competition rules, all security flaws were reported to the respective vendors. This year’s competition was sponsored by Hewlett-Packard Zero Day Initiative and supported by Google Zero Project.