Microsoft Windows 11 Hacked Six Times In Three Days

By Davey Winder, Forbes

PWN2OWN Vancouver 2022 has now come to an end with seven hackers picking up a total of $240,000 for successful Windows 11 zero-day exploits. The hacking competition saw Windows 11 successfully hacked six times in all, along with one attempt that failed to work within the allotted time.

The six successful Windows 11 hacks were spread across all three days of the hacking competition, two on day one, one on day two, and three on the final day of the event.

  1. Marcin Wiazowski executed an out-of-bounds escalation of privilege exploit that earned a $40,000 reward.
  2. Phan Thanh Duy and Le Hu'u Quang Linh demonstrated another Windows 11 elevation of privilege attack but this with a use after-free-exploit, also winning a $40,000 cash prize.
  3. A hacker known as T0 used an improper access control bug, again resulting in elevation of privilege success and getting another $40,000 prize.
  4. Escalation of privilege hacks were the order of the day, well all three days to be precise, an nghiadt12 used an integer overflow exploit against Windows 11 to pick up $40,000 on day three.
  5. An improper access control exploit gained vinhthp1712, you guessed it, Windows 11 elevation of privilege and yet another $40,000 award.
  6. The very last hack of PWN2OWN Vancouver 2022 was also against Windows 11, and also successful. Bruno Pujos exploited a use-after-free vulnerability to gain elevation of privilege and won the final $40,000 prize of the competition.

It wasn't only Windows 11 that saw multiple successful zero-days uncovered and demonstrated during PWN2OWN, Microsoft Teams was hacked a total of three-time for a total prize money pot of an astonishing $450,000. The greater reward amount, $150,000 for each exploit, reflects the greater complexity of the zero-day exploits demonstrated.

And before those who would knock Microsoft, and especially Windows, take the opportunity to start trolling, this is a good thing from the security perspective. All the vulnerabilities, and all the technical details of the zero-day exploits executed across PWN2OWN, are handed over to the vendors concerned so they can ensure patches are made available to users in due course. The same can be said for Ubuntu Desktop which fell to the zero-day competitive hackers a total of five times.

The total prize money awarded was $1,155,000. This covered an amazing 25 zero-days that were successfully demonstrated by the talented hackers during the event.

Ethical hackers, the security researchers who choose to put their undoubted skills to good use by uncovering previously unknown vulnerabilities, have showcased their talent this week at PWN2OWN Vancouver. In its 15th anniversary year, the elite hacking event created by the Trend Micro Zero Day Initiative (ZDI) pays big bounties to those who reveal zero-days impacting the most prominent of vendors. Remember, hackers are not criminals, and hacking is not a crime when talking about people finding and responsibly disclosing such vulnerabilities.

The PWN2OWN event takes place over three days, ending on Friday, May 20. I will be sure to update this story as and when other significant results are known, with a likely round-up on Saturday. Here are the headline hacks from day one.


Comments

Post a Comment

Popular posts from this blog

Why remote desktop tools are facing an onslaught of cyber threats

Image
By Solomon Klappholz, IT Pro Hackers are increasingly targeting remote desktop tools in their attacks, new research reveals, prompting warnings for enterprises globally In the era of hybrid work, remote desktop tools have become vital business enablers, but due to their pervasiveness on corporate networks they have become a popular entry point for cyber criminals. If successfully exploited, remote access tools can provide hackers with a direct pathway into a system or network, and once access is gained attackers can move laterally within the network, escalating privileges and maintaining persistence. In an investigation into which remote desktop tools are targeted the most, Jonathan Tanner, senior security researcher at Barracuda Networks, explained that remote desktop software poses a particular challenge to IT teams to secure. “Among the security challenges facing IT teams implementing remote desktop software is that there are many different tools available, each using different and ...
Read more

Ransomware gang starts leaking alleged stolen Change Healthcare data

Image
By Lawrence Abrams,  Bleeping Computer The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change Healthcare suffered a cyberattack that caused massive disruption to the US healthcare system , preventing pharmacies and doctors from billing or sending claims to insurance companies. The attack was ultimately linked to the BlackCat / ALPHV ransomware operation, who later said they stole 6 TB of data during the attack . After facing increased pressure from law enforcement, the BlackCat gang shut down their operation . This occurred amid claims they were pulling an exit scam by stealing a $22 million Change Healthcare ransom payment from the affiliate who conducted the attack. While Change Healthcare has declined to comment on whether it has paid a ransom, the affiliate known as "Notchy" said they ...
Read more

FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Image
By Sergiu Gatlan,  Bleeping Computer Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. "ALPHV Blackcat affiliates have been observed primarily targeting the healthcare sector," the joint advisory cautions. Today's warning follows an April 2022 FBI flash alert and another advisory issued in December 2023 detailing the BlackCat cybercrime gang's activity since it surfaced in November 2021 as a suspected rebrand of the DarkSide and BlackMatter ransomware groups. The FBI linked BlackCat to over 60 breaches during its first four months of activity (between November 2021 and March 2022) and said the gang has raked in at least $300 million in ransoms from over 1,000 victims until September 2023. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the three federal agencies warned in today...
Read more