Security News > 2021 > April > Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall
Contestants hacked Microsoft's Windows 10 OS twice during the second day of the Pwn2Own 2021 competition, together with the Google Chrome web browser and the Zoom video communication platform.
The first to demo a successful Windows 10 exploit on Wednesday and earn $40,000 was Palo Alto Networks' Tao Yan who used a Race Condition bug to escalate to SYSTEM privileges from a normal user on a fully patched Windows 10 machine.
Windows 10 was hacked a second time using an undocumented integer overflow weakness to escalate permissions up to NT AuthoritySYSTEM by a researcher known as z3r09.
Microsoft's OS was hacked a third time during day one of Pwn2Own by Team Viettel, who escalated a regular user's privileges to SYSTEM using another previously unknown integer overflow bug.
On the third and last day of Pwn2Own 2021, contestants will again target Microsoft's Windows 10 and Exchange products, as well as Ubuntu Desktop and Parallels Desktop.
During the first two days of this year's competition, security researchers passed the $1 million mark in earnings for the first time at Pwn2Own after successfully demoing exploits that brought them $1,060,000 in total.
News URL
Related news
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)
- Windows 10 KB5045594 update fixes multi-function printer bugs (source)
- Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2 (source)
- QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3 (source)
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Windows 10 KB5046613 update released with fixes for printer bugs (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)