Upcoming Pwn2Own 2016 Contest Announced

Update: 20th March 2016:
A more recent blog post discusses the outcome of Pwn2Own 2016.

Thank you.

=======================
Original Post
=======================
Next month on March the 16th and 17th the annual CanSecWest security conference will take place. As you know I’m a particular fan of this since it includes the Pwn2Own contest.

This year Mozilla Firefox and Adobe Reader won’t be included. Exploits for Firefox are quite rare while exploits for Adobe Reader have mostly ceased to be used by exploit kits (defined) in recent years so I can see why this decision was made. However while this is the case, we still see security updates being made available for both of these products on a regular basis. Other changes are the fact that the operating systems to be exploited won’t be directly installed on the computers within the contest but within VMware virtual machines (VMs). Additional prize money will be awarded if the researchers can have their exploits escape from within the VMs.

This contest will mark the first time that Apple Mac OS X 10.11 (“El Capitan”), Microsoft Edge and Windows 10 will be part of the competition as security researchers attempt to exploit the very latest versions of these products. Similar to last year Microsoft EMET will be used to make the exploitation of vulnerabilities more difficult. Whether more vulnerabilities will be found in EMET or if it simply present for the purpose mentioned above remains to be seen.

Further details of this year’s contest are available here. I will post again when the results of the contest are known and will include any highlights that we as users of the software present in the contest can look forward to being more secure and/or whether as a result of the contest more security features will be added.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s