PWN2OWN results Day Two - Adobe Reader and Flash owned, Java felled yet again

м¢ℓσνιη

Active Member
Reputation
0
Sophos said:
PWN2OWN 2013 is over.

Day Two ended in a similar fashion to Day One, with everyone who went in to bat slugging the ball into the crowd.

Yesterday, all the mainstream browsers (sorry, Opera fans!) except for Safari fell, though no-one actually tried Safari and failed.

Java fell three times yesterday, though under the contest rules, only the first attacker was due to win the $20,000 prize.

But in a fit of largesse, the sponsors announced that they'd pay up not just to the first successful attacker in each category, but to everyone who popped any of the products:
announcement-486.png
That put a biggish additional lump of cash on the table, with two more Java attacks to pay out on from yesterday ($40k), and a possible $100k extra if Pham Toan's scheduled attack on IE 10 worked out.

As it happened, IE 10 wasn't owned today.

From the results shown below, it looks as though Pham didn't actually make his attempt, as he's no longer listed at all, not even as trying and failing.

But a pre-registered contestant named Ben Murphy stepped up instead.

Not in person, but through a proxy (I assume this means a human proxy appearing live but following Ben's instructions), who successfully popped Java for a fourth time in the competition.

The final results look like this:
results-486.png

Read more: http://nakedsecurity.sophos.com/201...reader-and-flash-owned-java-felled-yet-again/
 
Top