The 17th annual CanSecWest conference was held in downtown Vancouver, researchers were competing for the tenth anniversary reward over $1,000,000 of Pwn2Own.
The Day 1 result has been put on Zero Day Initiative as well as part of the Mac vulnerabilities in the achievement list. Independent hackers Samuel Groß and Niklas Baumstark successfully acquired the root-access privileges through Safari vulnerabilities on macOS, and display rolling messages on MacBook Pro’s Touch Bar. That helped them win the a reward of $28,000.
On the same day, security inspection lab Chaitin also broke through Safair and obtained root-access privileges on macOS. They found 6 bugs during the crack, which won $35,000 for them.
On Day 1 all the competitors won $233,000 in total, including a $105,000 reward won by Tencent Security team. Other cracked software: Adobe Reader, Ubuntu Desktop and Edge for Windows.
Apple used to send representatives to participate the Pwn2Own competition. Influenced companies will find their security vulnerabilities and fix them asap.