Privacy News Virtual machine escape fetches $105,000 at Pwn2Own hacking contest

[Der.Reisende]

Contestants at this year's Pwn2Own hacking competition in Vancouver just pulled off an unusually impressive feat: they compromised Microsoft's heavily fortified Edge browser in a way that escapes a VMware Workstation virtual machine it runs in. The hack fetched a prize of $105,000, the highest awarded so far over the past three days.

According to a Friday morning tweet from the contest's organizers, members of Qihoo 360's security team carried out the hack by exploiting a heap overflow bug in Edge, a type confusion flaw in the Windows kernel and an uninitialized buffer vulnerability in VMware, contest organizers reported Friday morning on Twitter. The result was a "complete virtual machine escape."

Read more @ the source: Virtual machine escape fetches $105,000 at Pwn2Own hacking contest [updated]

 

[enaph]

I need to agree with one of the comments under the original article stating that everything connected to the Net is hackable.
Fortunately thanks to contests like Pwn2Own we can be sure that all critical fixes are going to be released asap and exploits used for compromising test machines won't spread into wild.

 

[Solarquest]

@Der.Reisende , thank you for sharing!
The scariest part is " All started from and only by a controlled a website."
Btw, interesting reading...
VMescape.com - VM Escape is NOT your primary security concern

 

[enaph]

@Der.Reisende , thank you for sharing!
The scariest part is " All started from and only by a controlled a website."

I think that most of the "modern" infections start like this that's why browsers security is such important nowadays.

 

[Solarquest]

In the same Pwn2Own hacking contest:

12:30pm – Tencent Security - Team Sniper (Keen Lab and PC Mgr) targeting VMWare Workstation (Guest-to-Host)
SUCCESS: Tencent Security - Team Sniper (Keen Lab and PC Mgr) used a three-bug chain to win the Virtual Machines Escapes (Guest-to-Host) category with a VMWare Workstation exploit. They used a Windows kernel UAF, a VMware info leak and an uninitialized VMware buffer to go guest-to-host. This garnered them $100,000 and 13 points for Master of Pwn.

 

[509322]

The vast majority of discovered vulnerabilities are never exploited in the wild, so that they exist is not something that should weigh heavy on a security-conscious user's mind. Probabilities always favor the user who ensures that their system is routinely updated. I see that vulnerabilities are not well understood on the security forums. However, it is always a good thing that softs are pen-tested, vulnerabilities are discovered and reported, and the publishers (most of the time, but not always) patch them.

 

[nclr11111]

Wonder if Oracle VirtualBox suffers from the same exploits?

 

[jamescv7]

The trend target nowadays is related on virtualization concept; of course for virtual machines, a chance of exploit may triggered leaks but not the whole one.

An interesting view where attacks will be isolate since you are targeting a system which is not an actual, definitely in order to compromise it then you need to damage the functionalities first that runs the virtualization.

 

[larry goes to church]

DAMN!

That is alot of money.
I have always been fasicnated by how these indivuals figure these sort of bugs out.
Its one thing to use it.. its another to find it.


Bug hunting is going to be the next "top paying IT job" i think