Security News > 2022 > May > Microsoft Teams, Windows 11 hacked on first day of Pwn2Own
During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform.
The first to fall was Microsoft Teams in the enterprise communications category after Hector Peralta exploited an improper configuration flaw.
Microsoft Teams was hacked a third time by Masato Kinugawa, who exploited a 3-bug chain of injection, misconfiguration, and sandbox escape.
Each of them earned $150,000 for successfully demonstrating their Microsoft Teams zero-days.
Other highlights from the first day of Pwn2Own include Marcin Wiązowski, Team Orca of Sea Security, and Keith Yeo demonstrating more zero-days in Windows 11 and Ubuntu Desktop,.
On the second day, Pwn2Own competitors will attempt to exploit zero-days in the Tesla Model 3 Infotainment System and Diagnostic Ethernet, Windows 11, and Ubuntu Desktop.
News URL
Related news
- Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams (source)
- Microsoft: Windows Recall now can be removed, is more secure (source)
- Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)