The 2017 Pwn2Own, which is a yearly computer hacking event conducted at the CanSecWest security conference, according to the report of Dustin Childs of Zero Day Initiative, recorded the highest ever number of attendees and necessitated a third day of competition, never seen before. The contest coincided with Pwn2Own tenth anniversary celebrations, catapulting to some remarkable results.
On the final day of the event, a team from 360 Security started by successfully performing a complete virtual machine escape via a compromise of Microsoft Edge. Although they didn’t disclose the number of hours invested in the research, the team took only 90 seconds to demonstrate how the code works.
Thereafter, Richard Zhu, successfully penetrated Microsoft Edge by utilizing system-level privilege escalation, earning him $55,000 and 14 points for Master of Pwn. It was the fifth time researchers were performing a hack on Microsoft Edge during the 2017 contest.
Finally, Team Sniper, composed of researchers from Keen Lab and PC Manager (both from China), demonstrated vulnerabilities in the VMWare Workstation (Guest-to-Host). This feat earned the two teams $100,000 and 13 points towards Master for Pwn.
The researchers gave details of their exploits to the security firm, Trend Micro, the event’s main organizer, which consequently reported them to the relevant software companies.