The news was shared on Twitter.
Confirmed! Jack Dates from RET2 Systems used an integer overflow in Safari and an OOB Write to get kernel code execution. He wins $100K plus 10 Master of Pwn points to start the contest off right!
Confirmed! Jack Dates from RET2 Systems used an integer overflow in Safari and an OOB Write to get kernel code exec https://t.co/K05u94RIwk
— Zero Day Initiative (@thezdi) 1617721996000
The Pwn2Own event is not solely for Apple products, though finding a fault in a web browser made by the tech giant is big as Safari, being a part of the Apple ecosystem, is usually considered safe from malicious cyber attacks and comes preinstalled on the iPhone, iPad and the MacBooks. With a zero day vulnerability found in Safari, heres hoping Apple acts swiftly on this and patches it with an update.
During the event, some researchers found an exploit with the video calling app Zoom which hackers may use to gain access to the whole computer system. Team Viettel, another band of researchers, looked for vulnerabilities in Windows 10 and used an integer overflow to escalate from a regular user to SYSTEM privileges in the Local Escalation of Privilege category. They were paid $40,000 for their successful attempt.