Windows 10 hacked at Tianfu Cup, China’s largest hacking competition

[Gandalf_The_Grey]

Content source

https://mspoweruser.com/microsoft-windows-10-hacked-at-tianfu/

Tianfu Cup is China’s largest and most prestigious hacking competition. This year’s Tianfu Cup competition was held over the last weekend. Security researchers won nearly $1.2 million by successfully hacking several popular software products including Microsoft’s Windows 10, Apple iOS, Chrome web browser, Adobe PDF Reader and Ubuntu.

Security researcher @programmeboy from 360 ESG Vulnerability Research Institute successfully hacked Windows 10 v2004 (April 2020 edition) with a kernel bug.

In the coming days, Microsoft will release a Windows 10 update to fix this new vulnerability.

Microsoft Windows 10 hacked at Tianfu Cup, China's largest hacking competition - MSPoweruser

Tianfu Cup is China’s largest and most prestigious hacking competition. This year’s Tianfu Cup competition was held over the last weekend. Security researchers won nearly $1.2 million by successfully hacking several popular software products including Microsoft’s Windows 10, Apple iOS, Chrome...

mspoweruser.com

 

[SeriousHoax]

They hacked Windows 2004 aka 20H1. Does it mean that 20H2 is safe from this kernel bug? Maybe not. But I guess we'll see when the patch note comes out.

 

[Gandalf_The_Grey]

They hacked Windows 2004 aka 20H1. Does it mean that 20H2 is safe from this kernel bug? Maybe not. But I guess we'll see when the patch note comes out.

Good point. We can't be sure, but because 20H2 is "just" an enablement package, no big update, I think it will have the same kernel bug. We will have to wait till the patch comes out.

 

[Ink]

These competitions highlight the importance of such organised events, and end users should not panic.

 

[Gandalf_The_Grey]

These competitions highlight the importance of such organised events, and end users should not panic.

Of course there is no need to panic. With these events disclose follows after the patches are released. Like it should be.
This also highlights the importance of patching your system.

 

[Ink]

Guaranteed there are some idiots who will come along fear-mongering, by using this as an example of why people should not use Windows 10, calling it insecure.

Problem with Microsoft is that they have 3, possibly 4 update types: Quality (security), Feature, Optional and Experience Packs. You can see how this can be an issue, when users are told to update. Not all updates are 1) required, 2) compatible, 3) stable.

 

[ForgottenSeer 85179]

At least Microsoft will fix it before it gets public. They do a great job

 

[Gandalf_The_Grey]

It's a bit difficult to follow at Twitter:

https://twitter.com/TianfuCup

These were the targets:

This are the results:

There will be more updates than just for Windows 10...

 

[HarborFront]

That's why it's always good to have different layers of security for Windows 10