The Pwn2Own 2022 is underway at Vancouver and on the first day of the event, ethical hackers and contestants at the event were able to successfully hack Microsoft"s Windows 11 twice. Teams too was attacked successfully. 100% of the attempts ended in success on Day One.
For those unaware, Pwn2Own is an annual computer hacking event, contestants and cybersecurity experts demonstrate their skills in utilizing bugs, zero-day exploits, and other issues to legally crack into various software and receive rewards and recognition. The 2022 edition of Pwn2Own is the 15th anniversary of the contest.
On Day Two however, things have altered and out of the two attempts on Windows 11, only one demonstration ended in success leading to a 50% success rate on the second day. The successful attempt was made by "T0" who was able to demonstrate how an improper access control bug could lead to an elevation of privilege on Windows 11. For this successful exploitation, T0 earned $40,000 and 4 Master of Pwn points.
Meanwhile, contestant "namnp" was unable to demonstrate a successful exploit as they failed to carry it out within the time allotted. The kind of vulnerability the contest was trying to exploit hasn"t been disclosed though it is safe to assume it was some sort of privilege escalation bug. We also don"t know how close the contestant got to completing the task as that detail hasn"t been disclosed.
Source: Zero Day Initiative