As part of the contest, Pwn2Own participants used a previously unknown vulnerability in Chrome, Firefox, IE 10, Windows 8 and Java. Attacks could be made by processing in the browser specially created web-pages, which ended by gain full control over the system. Hackers spent hacking the most recent and stable versions of browsers and operating systems Windows 7, 8 and Mac OS X Lion Mountain.
Details of detected vulnerabilities were published after manufacturers have released to eliminate them.
Pwn2Own prize fund this year was increased significantly. In particular, the reward for hacking Chrome is $100 thousand for hacking IE – $ 75 thousand for hacking Firefox – $60 thousand, for hacking Safari – $ 65K
It is known that the hacking was carried out on Windows 8 tablet Surface Pro by exploiting two vulnerabilities in IE zero-day 10 and new technology to go beyond the sandbox.
Nils experts and Jon Butler of Vupen Security to carry out hacking Chrome after a multilevel working exploited a zero-day vulnerability in the OS to bypass sandbox restrictions, combined with the vulnerability in the browser rendering. Sandbox bypass was organized through the exploitation of vulnerability in the kernel, allowing execution of code outside an isolated environment with system privileges of Windows.