Security News > 2021 > April > Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own
During the first day of Pwn2Own 2021, contestants won $440,000 after successfully exploiting previously unknown vulnerabilities to hack Microsoft's Windows 10 OS, the Exchange mail server, and the Teams communication platform.
The first to fall was Microsoft Exchange in the Server category after the Devcore team achieved remote code execution on an Exchange server by chaining together an authentication bypass and a local privilege escalation.
Next, a security researcher using the OV online moniker successfully obtained code execution on Microsoft Teams in the Enterprise Communications category by combining two separate security bugs.
Team Viettel earned $40,000 and 4 Master of Pwn points after escalating privileges to SYSTEM from a regular user on Windows 10 while competing in the Local Escalation of Privilege category.
On the second day, Pwn2Own competitors will also target Google Chrome, Microsoft Edge, Zoom Messenger, while others will try their hand at exploiting other new bugs in Microsoft Exchange, Windows 10, Ubuntu Desktop, and Parallels Desktop.
During the Pwn2Own 2021 contest, 23 teams and researchers will target ten different products in the Web Browsers, Virtualization, Servers, Local Escalation of Privilege, and Enterprise Communications categories.
News URL
Related news
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)