As part of its Zero Day Initiative (ZDI), Trend Micro is holding its first Pwn2Own event in Berlin. The three day event sees security researchers testing and breaching the security of various systems, including Windows 11 and Linux.
With big money on offer, there is a great incentive for researchers to unearth vulnerabilities and show how they can be exploited. And this is precisely what happened with Widows 11; the operating system was pwned multiple times on the first day of the event, and there will be many more attempts made before it is over.
See also:
Red Hat Linux was beaten as well as Microsoft’s operating system, with $260,000 of rewards being handed out to the successful researchers. The event blog for the first day provides some details about the pwning of Windows 11, although, for obvious reasons, details are sparse.
Successful hacks of Windows 11 were as follows:
SUCCESS – Chen Le Qi (@cplearns2h4ck) of STARLabs SG combined a UAF and an integer overflow to escalate to SYSTEM on #Windows 11. He earns $30,000 and 3 Master of Pwn points.
SUCCESS – In a surprise to no one, Marcin WiÄ…zowski’s privilege escalation on Windows 11 is confirmed! He used an Out-of-Bounds Write to escalate to SYSTEM. His work earns him $30,000 and 3 Master of Pwn points.
SUCCESS – Hyeonjin Choi (@d4m0n_8) of Out Of Bounds earns $15,000 for a third round win and 3 Master of Pwn Points by successfully using a type confusion bug to escalate privileges in #Windows11 #Pwn2Own #P2Oberlin
There are still two days left, so we can expect to see Windows 11 getting even more of a battering.
