During the second day of competition Pwn2Own hacker successfully hacked four desktop browser - Safari, Firefox, Chrome and IE. Web browser Apple has not helped released not so long ago, the security update.
The competition Pwn2Own 2015, held annually at the CanSecWest conference in Vancouver, working techniques were demonstrated operation of previously unknown vulnerabilities in popular browsers. They have led to the successful implementation of the attacker's code in the system. During the two days of competition as a premium was paid $ 557,500 for a demonstration of attacks spanning 21 previously unknown vulnerability.
In Safari, it was revealed two vulnerabilities in Firefox - 3 in Chrome - 1, in Internet Explorer 11 - 4. During the attack on the browsers and disclosure of five new vulnerabilities in Windows, three in Adobe Reader and three in Adobe Flash.
In all cases, the attacks were carried out in the processing of a browser specially designed web pages (or open the document in Adobe Reader), which ended with the discovery of gaining full control over the system. In a demonstration of the attacks used the latest stable releases of browsers and operating systems with all available updates in the default configuration. In accordance with the terms of the competition, detailed information about all demonstrated a 0-day vulnerabilities will be published only after the release of the producers updates with the removal of these vulnerabilities.
At Pwn2Own particularly distinguished himself Korean security researcher John Hoon Lee, who earned 225,000 dollars, demonstrating a successful attack on the Safari ($ 50,000), Chrome ($ 110 thousand) and Internet Explorer ($ 65 thousand).