The information was shared on Twitter.
“Confirmed! Jack Dates from RET2 Systems used an integer overflow in Safari and an OOB Write to get kernel code execution. He wins $100K plus 10 Master of Pwn points to start the contest off right!”
Confirmed! Jack Dates from RET2 Systems used an integer overflow in Safari and an OOB Write to get kernel code exec… https://t.co/K05u94RIwk
— Zero Day Initiative (@thezdi) 1617721996000
The Pwn2Own occasion shouldn’t be solely for Apple merchandise, although discovering a fault in an online browser made by the tech big is massive as Safari, being part of the Apple ecosystem, is often thought of secure from malicious cyber assaults and comes preinstalled on the iPhone, iPad and the MacBooks. With a zero day vulnerability present in Safari, right here’s hoping Apple acts swiftly on this and patches it with an replace.
During the occasion, some researchers discovered an exploit with the video calling app Zoom which hackers could use to realize entry to the entire laptop system. Team Viettel, one other band of researchers, regarded for vulnerabilities in Windows 10 and used an integer overflow to “escalate from a regular user to SYSTEM privileges” within the Local Escalation of Privilege class. They had been paid $40,000 for his or her profitable try.