Pwn2Own Hacking Schedule Released – Windows and Linux Are Top Targets – Naked Security

The 2022 edition of the famous (or infamous, depending on your point of view) Pwn2Own contest kicks off later today in Vancouver, British Columbia.

(Actually, this year’s event is a so-called “hybrid” event, so attendees who are unable or unwilling to travel, whether for coronavirus or environmental reasons, can attend remotely.)

Numerous vendors have offered cash prizes for hacking various of their products, with this year’s potential targets being:

  • Virtualization: Oracle VirtualBox, VMware Workstation, VMware ESXi, Microsoft Hyper-V Client.
  • browsers: Google Chrome, Microsoft Edge, Apple Safari, Mozilla Firefox.
  • Enterprise Apps: Adobe Reader, Office 365 ProPlus.
  • Server: Microsoft RDP/RDS, Exchange, SharePoint, Samba.
  • Endpoint Operating Systems: Ubuntu Desktop, Windows 11. (elevation of privilege only)
  • Corporate Communications: Zoom, Microsoft Teams.
  • Automobile: a set of categories based on Tesla 3 vehicles.

Interestingly the server and enterprise apps Categories properly tightened zero hackers every year.

browsers and virtualization were considered similarly uninteresting, it seems, with just a Participants taking on Firefox and Safari, respectively, and a lone hacker trying his hand at VirtualBox.

Windows 11 and Ubuntu Linux attracted seven and five entries each; four Participants will stop by Teams; and two will try out different aspects of the Tesla 3.