
The View from DVLabs – Pwn2Own 2017

  • Posted on: March 15, 2017
  • Posted in: Security, Zero Day Initiative
  • Posted by: Elisa Lippincott (Global Threat Communications)

This blog will be updated throughout the competition, so keep checking back for the latest updates!

A global outbreak of bigger bugs. Badder bugs. And they’re threatening the world as we know it. Yes, it sounds like a poorly-written trailer for the next summer blockbuster alien invasion movie, but in truth, it’s a reality we’ll face yet again this year. We are back in Vancouver, B.C. for the 2017 Pwn2Own competition run by the Trend Micro TippingPoint Zero Day Initiative. We are looking at an unprecedented 30 entries this year, well above anything we’ve seen from previous competitions.

 

Especially exciting are the entrants in the VMware escape category, where we may see exploits not normally seen against virtual machines, allowing an attacker to break out of a VM environment and control the host.

The TippingPoint DVLabs team is onsite as usual, meeting with each of the hacking teams and dissecting the code and exploits in order to provide zero-day filters for all remotely exploitable vulnerabilities. One of the questions we get is: What’s the point of covering these vulnerabilities if only one hacker is attempting to exploit them? Well, you only have to look at the success of the patches from vendors this year for the answer. Just before Pwn2Own commences each year, almost all vendors furiously issue patches to attempt to minimize the number of successful exploits. Once again, we saw a series of likely defensive submissions from contestants, aimed at “burning” or eliminating zero-days that other teams could use to win the competition.

What this tells us is that multiple researchers have found similar zero-day vulnerabilities. We can expand this concept to assume the bad guys have found some of these bugs as well and will use them before they are patched out, if they’re not using them already. This is where you see the power of DVLabs and our Digital Vaccine filter set. By providing “virtual patches” for these extremely dangerous and prolific vulnerabilities, our customers are uniquely protected until vendors can build and release a patch, and maintenance windows can be scheduled for impacted systems to be remedied.

Keep following this post for updates, including upcoming Digital Vaccine coverage for all of the network-exploitable vulnerabilities seen over this hectic three-day hackfest!

Day 1: March 15, 2017

| Time (PDT) | Team | Target | Successful? | Upcoming Digital Vaccine Coverage? |
|---|---|---|---|---|
| 10:00 am | 360 Security (@mj0011sec) | Adobe Reader | Yes | Yes (ZDI-CAN-4575) |
| 11:30 am | Samuel Groß (@5aelo) and Niklas Baumstark (@_niklasb) | Apple Safari with an escalation to root on macOS | Partial Win | Yes (ZDI-CAN-4578) |
| 1:00 pm | Tencent Security – Team Ether | Microsoft Edge | Yes | Yes (ZDI-CAN-4584) |
| 2:00 pm | Chaitin Security Research Lab (@ChaitinTech) | Ubuntu Desktop | Yes | Local Only |
| 3:30 pm | Tencent Security – Team Ether | Microsoft Windows | No | N/A |
| 5:00 pm | Ralf-Philipp Weinmann | Microsoft Edge with a SYSTEM-level escalation | No | N/A |
| 6:00 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Google Chrome with a SYSTEM-level escalation | No | Yes (ZDI-CAN-4587) |
| 7:30 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Adobe Reader | Yes | Yes (ZDI-CAN-4588, ZDI-CAN-4589) |
| 8:30 pm | Chaitin Security Research Lab (@ChaitinTech) | Apple Safari with an escalation to root on macOS | Yes | Yes (ZDI-CAN-4591, ZDI-CAN-4593, ZDI-CAN-4594, ZDI-CAN-4595, ZDI-CAN-4596) |
| 10:00 pm | Richard Zhu (fluorescence) | Apple Safari with an escalation to root on macOS | No | Yes (ZDI-CAN-4597, ZDI-CAN-4598) |

Day 2: March 16, 2017

With the unprecedented number of contestants and entries, the Day 2 schedule is divided into two tracks. Track A focuses on attempts against Microsoft and Adobe products. Track B focuses on products from Apple and Mozilla.

 

Day 2: March 16, 2017 – TRACK A

| Time (PDT) | Team | Target | Successful? | Upcoming Digital Vaccine Coverage? |
|---|---|---|---|---|
| 8:30 am | 360 Security (@mj0011sec) | Adobe Flash with a SYSTEM-level escalation and a virtual machine escape | Yes, but no virtual machine escape | Yes (ZDI-CAN-4601) |
| 10:00 am | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Adobe Flash with a SYSTEM-level escalation | Yes | Yes (ZDI-CAN-4607) |
| 11:00 am | Tencent Security – Lance Team | Microsoft Edge with a SYSTEM-level escalation | Yes | Yes (ZDI-CAN-4611) |
| 1:00 pm | Tencent Security – Sword Team | Microsoft Edge | N/A | N/A |
| 2:30 pm | Tencent Security – Lance Team | Microsoft Windows | N/A | N/A |
| 3:30 pm | Tencent Security – Team Shield (Keen Lab and PC Mgr) | Microsoft Edge with a SYSTEM-level escalation | N/A | N/A |
| 4:30 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Microsoft Edge with a SYSTEM-level escalation | Yes | Yes (ZDI-CAN-4618) |
| 5:30 pm | 360 Security (@mj0011sec) | Microsoft Windows | Yes | Local Only |
| 7:00 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Microsoft Windows | | Local Only |

Day 2: March 16, 2017 – TRACK B

| Time (PDT) | Team | Target | Successful? | Upcoming Digital Vaccine Coverage? |
|---|---|---|---|---|
| 9:15 am | Tencent Security – Team Shield (Keen Lab and PC Mgr) | Apple macOS | N/A | N/A |
| 10:45 am | 360 Security (@mj0011sec) | Apple macOS | Yes | Local Only |
| 11:45 am | 360 Security (@mj0011sec) | Apple Safari with an escalation to root on macOS | Yes | Yes (ZDI-CAN-4613) |
| 2:00 pm | Chaitin Security Research Lab (@ChaitinTech) | Apple macOS | Yes | N/A |
| 3:00 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Apple macOS | N/A | N/A |
| 4:00 pm | Moritz Jodeit, Blue Frost Security (@moritzj) | Mozilla Firefox | No | N/A |
| 5:00 pm | Chaitin Security Research Lab (@ChaitinTech) | Mozilla Firefox with a SYSTEM-level escalation | Yes | Yes (ZDI-CAN-4620) |
| 6:00 pm | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | Apple Safari with an escalation to root on macOS | Yes | Yes (ZDI-CAN-4623) |

Day 3: March 17, 2017

| Time (PDT) | Team | Target | Successful? | Upcoming Digital Vaccine Coverage? |
|---|---|---|---|---|
| 9:00 am | 360 Security (@mj0011sec) | Microsoft Edge with a SYSTEM-level escalation and a virtual machine escape | Yes | Yes (ZDI-CAN-4625) |
| 11:00 am | Richard Zhu (fluorescence) | Microsoft Edge with a SYSTEM-level escalation | Yes | Yes (ZDI-CAN-4628, ZDI-CAN-4629) |
| 11:45 am | Tencent Security – Team Sniper (Keen Lab and PC Mgr) | VMware Workstation (Guest-to-Host) | Yes | N/A |

5:45 pm: Final closing and Master of Pwn award ceremony
