June 29, 2022

After the primary and second day, on day 3 , Three extra zero-day exploits have been efficiently utilized by safety researchers to hack the Home windows 11 OS of Microsoft on the third and final day of the 2022 Pwn2Own Vancouver hacking contest.

Group DoubleDragon’s first try of the day to use Microsoft Groups failed as a result of they have been unable to show their exploit throughout the time allowed by Microsoft.

Though all just isn’t misplaced, as a result of ZDI was capable of incorporate Group Double Dragon’s analysis into customary procedures.

EHA

The opposite contestants had efficiently taken down Home windows 11 for 3 times and Ubuntu Desktop for one time as effectively, incomes them $160,000.

It was proven efficiently that nghiadt12 from Viettel Cyber Safety was capable of exploit an integer overflow vulnerability in Home windows 11 as a way to achieve elevated privileges.

In flip, they obtained a reward of $40,000 together with 4 Grasp of Pwn factors as a reward for his or her execution.

On Ubuntu Desktop, a Use-After-Free exploit was efficiently demonstrated by the STAR Labs’ Billy Jheng Bing-Jhong (@st424204). His mastery of Pwn capabilities earned him one other $40,000 together with 4 extra Grasp factors.

By way of an improperly applied entry management mechanism on Microsoft Home windows 11, vinhthp1712 has achieved Elevation of Privilege. It has been confirmed that vinhthp1712 has been awarded $40,000 and 4 Grasp of Pwn factors.

Bruno PUJOS from REverse Ways has achieved Elevation of Privilege by using the Use-After-Free exploit on Microsoft Home windows 11 throughout the remaining try of the competitors.

Whereas additionally it is price mentioning that this earned him $40,000 along with 4 Grasp of Pwn factors.

In conclusion, the frequently scheduled programming occasion, Pwn2Own has concluded with this remaining session.

The whole variety of makes an attempt this yr was 21 from 17 totally different contestants with Pattern Micro and ZDI awarding $1,155,000 to the winner.

You’ll be able to observe us on Linkedin, TwitterFb for day by day Cybersecurity and hacking information updates.

See also  A whole lot of HP Printer Fashions Affected by Essential Distant Code Execution