๐ Pwn2Own 2021 - Schedule and Live Results
๐ก Newskategorie: Hacking
๐ Quelle: thezdi.com
Welcome to Pwn2Own 2021! This year, weโre distributed amongst various locations to run the contest, but weโll be bringing you all of the results live from Austin with love. This yearโs event is shaping up to be one of the largest in Pwn2Own history, with 23 separate entries targeting 10 different products in the categories of Web Browsers, Virtualization, Servers, Local Escalation of Privilege, and - our newest category - Enterprise Communications.
If youโve ever wanted to watch Pwn2Own but couldnโt get to Vancouver, youโre in luck! Weโll be streaming the entirety of the event on YouTube, Twitch, and the conference site. In between the attempts, weโll also have interviews with researchers and vendors, highlights from previous events, and other videos highlighting some of the work done by Trend Micro research. On Wednesday, weโll have a special โHacker Hall of Fameโ video series that is not to be missed. Be sure to stop by often to see the latest.
As always, we started the contest with a random drawing to determine the order of attempts. We have a total of 23 attempts scheduled over the next three very full days. The complete schedule for the contest is below (all times Eastern [UTC -4:00]). We will update this schedule with results as they become available.
Note: All times subject to change
Tuesday, April 6
1000 - Jack Dates from RET2 Systems targeting Apple Safari in the Web Browser category
1130 - Devcore targeting Microsoft Exchange in the Server category
1300 - The researcher who goes by OV targeting Microsoft Teams in the Enterprise Communications category
1430 - Team Viettel targeting Windows 10 in the Local Escalation of Privilege category
1530 - The STAR Labs team of Billy, Calvin and Ramdhan targeting Parallels Desktop in the Virtualization category
1630 - Ryota Shiga of Flatt Security Incย targeting Ubuntu Desktop in the Local Escalation of Privilege category
1730 - The STAR Labs team of Billy, Calvin and Ramdhan Oracle VirtualBox in the Virtualization category
Wednesday, April 7
0900 - Jack Dates from RET2 Systems targeting Parallels Desktop in the Virtualization category
1000 - Bruno Keith & Niklas Baumstark of Dataflow Security targeting Google Chrome and Microsoft Edge (Chromium) in the Web Browser category
1130 - Team Viettel targeting Microsoft Exchange in the Server category
1300 - Daan Keuper and Thijs Alkemade from Computest targeting Zoom Messenger in the Enterprise Communications category
1430 - Tao Yan (@Ga1ois) of Palo Alto Networks targeting Windows 10 in the Local Escalation of Privilege category
1530 - Sunjoo Park (aka grigoritchy) targeting Parallels Desktop in the Virtualization category
1630 - Manfred Paul targeting Ubuntu Desktop in the Local Escalation of Privilege category
1730 - The researcher known as z3r09 targeting Windows 10 in the Local Escalation of Privilege category
Thursday, April 8
0900 - Benjamin McBride from L3Harris Trenchant targeting Parallels Desktop in the Virtualization category
1000 - Steven Seeley of Source Incite targeting Microsoft Exchange in the Server category
1130 - The STAR Labs team of Billy, Calvin and Ramdhan targeting Ubuntu Desktop in the Local Escalation of Privilege category
1230 - Fabien Perigaud of Synacktiv targeting Windows 10 in the Local Escalation of Privilege category
1330 - Alisa Esage targeting Parallels Desktop in the Virtualization category
1430 - Vincent Dehors of Synacktivย targeting Ubuntu Desktop in the Local Escalation of Privilege category
1530 - Da Lao targeting Parallels Desktop in the Virtualization category
1630 - Marcin Wiazowski targeting Windows 10 in the Local Escalation of Privilege category
Thanks again to our partners Tesla, Zoom, and Adobe as well as our sponsor VMware. Thanks also to the researchers who participate and to the vendors for providing fixes for whatโs discovered during the contest. As a reminder, vendors have 90 days to produce a fix for all vulnerabilities reported.
...