Virtual machine escape fetches $105,000 at Pwn2Own hacking contest

Virtual machine escape fetches $105,000 at Pwn2Own hacking contest

March 20th, 2017
No Comments

Hack worked by stitching together three separate exploits.


														
							

Contestants at this year’s Pwn2Own hacking competition in Vancouver just pulled off an unusually impressive feat: they compromised Microsoft’s heavily fortified Edge browser in a way that escapes a VMware Workstation virtual machine it runs in. The hack fetched a prize of $105,000, the highest awarded so far over the past three days.

Members of Qihoo 360’s security team carried out the hack by exploiting a heap overflow bug in Edge, a type confusion flaw in the Windows kernel and an uninitialized buffer vulnerability in VMware.

“We used a JavaScript engine bug within Microsoft Edge to achieve the code execution inside the Edge sandbox, and we used a Windows 10 kernel bug to escape from it and fully compromise the guest machine,” Qihoo 360 Executive Director Zheng Zheng wrote in an e-mail. “Then we exploited a hardware simulation bug within VMware to escape from the guest operating system to the host one. All started from and only by a controlled a website.”

Friday’s success underscores the central theme of Pwn2Own, that no operating system or application is immune to hacks that thoroughly compromise its security.

[Source]

  • \devworx in print
  • \devworx contests
      • No contests are currently running.