Security Researcher Earns $100,000 for Safari Exploit in Pwn2Own Hacking Contest

Each year, the Zero Day Initiative hosts a "Pwn2Own" hacking contest where security researchers can earn money for finding serious vulnerabilities in major platforms like Windows and macOS.


This 2021 Pwn2Own virtual event kicked off earlier this week and featured 23 separate hacking attempts across 10 different products including web browsers, virtualization, servers, and more. A three-day affair that spans multiple hours a day, this year's Pwn2Own event was livestreamed on YouTube.

Apple products were not heavily targeted in Pwn2Own 2021, but on day one, Jack Dates from RET2 Systems executed a Safari to kernel zero-day exploit and earned himself $100,000. He used an integer overflow in Safari and an OOB write to get kernel-level code execution, as demoed in the tweet below.


Other hacking attempts during the Pwn2Own event targeted Microsoft Exchange, Parallels, Windows 10, Microsoft Teams, Ubuntu, Oracle VirtualBox, Zoom, Google Chrome, and Microsoft Edge.

A serious Zoom flaw was demonstrated by Dutch researchers Daan Keuper and Thijs Alkemade, for example. The duo exploited a trio of flaws to get total control of a target PC using the Zoom app with no user interaction.


Pwn2Own participants received more than $1.2 million in rewards for the bugs they discovered. Pwn2Own gives vendors like Apple 90 days to produce a fix for the vulnerabilities that are uncovered, so we can expect the bug to be addressed in an update in the not too distant future.

Tag: Safari

Popular Stories

Generic iOS 18

iOS 18.1 With Apple Intelligence: New Features, Release Date, and More

Thursday October 10, 2024 8:26 am PDT by
iOS 18.1 will be released to the public in the coming weeks, and the software update introduces the first Apple Intelligence features for the iPhone. Below, we outline when to expect iOS 18.1 to be released. iOS 18.1: Apple Intelligence Features Here are some of the key Apple Intelligence features in the iOS 18.1 beta so far: A few Siri enhancements, including improved understanding...
16 pro

iPhone 17 Pro Models Rumored to Introduce These 5 New Features

Friday October 11, 2024 8:55 am PDT by
While the iPhone 16 series was released just a few weeks ago, there are already many rumored features for the iPhone 17 models, and especially for the Pro models. Below, we recap five key new features rumored for the iPhone 17 Pro and Pro Max so far: 24MP front camera for all iPhone 17 models: All four iPhone 17 models will feature an upgraded 24-megapixel front-facing camera, according...
Generic iOS 18 Feature Real Mock

Apple Stops Signing iOS 18.0

Thursday October 10, 2024 12:10 pm PDT by
Apple today stopped signing iOS 18.0, preventing iPhone users who have upgraded to iOS 18.0.1 from downgrading to iOS 18. Apple released iOS 18.0.1 a week ago on October 3. It is not unusual for Apple to stop signing older versions of iOS within a week or two after a new version of iOS is released. When Apple stops signing an update, it can no longer be installed on an iPhone due to a...
When Will Apple Launch More M4 Macs Feature

Will Apple Release M4 Macs Soon? Here's What the Latest Rumors Say

Thursday October 10, 2024 6:22 am PDT by
Apple often releases new Macs in the fall, but we are still waiting for official confirmation that the company has similar plans this year. We're approaching the middle of October now, and if Apple plans to announce new Macs before the holidays, recent history suggests it will happen this month. Here's what we know so far. As of writing this, it's been 220 days since Apple released a new...
iPhone 17 Slim Feature Single Camera 2

10 Reasons to Wait for Next Year's iPhone 17

Tuesday October 8, 2024 5:45 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
ios 18 1 make primary

iOS 18.1 Includes Option to Set 'Primary' Email Address and Change iCloud Email

Friday October 11, 2024 3:55 pm PDT by
In iOS 18.1, there is a new option to set a "Primary" email address in the Settings app, which means it is easier to change the main email address associated with your Apple Account. The Primary email address is the one that is visible to other people when collaborating on and sharing documents, sending calendar invites, and more. Apple did not previously make it easy to change an Apple...
space black mbp

Apple Potentially Facing Worst Leak Since iPhone 4 Was Left in a Bar

Monday October 7, 2024 3:03 pm PDT by
Alleged photos and videos of an unannounced 14-inch MacBook Pro with an M4 chip continue to surface on social media, in what could be the worst product leak for Apple since an employee accidentally left an iPhone 4 prototype at a bar in California in 2010. The latest video of what could be a next-generation MacBook Pro was shared on YouTube Shorts today by Russian channel Romancev768, just...
iPad mini review thumb

iPad Mini 7 Coming Next Month: What to Expect

Tuesday October 8, 2024 6:16 am PDT by
Rumors strongly suggest Apple will release the seventh-generation iPad mini in November, nearly three years after the last refresh. Here's a roundup of what we're expecting from the next version of Apple's small form factor tablet, based on the latest rumors and reports. Design and Display The new iPad mini is likely to retain its compact 8.3-inch display and overall design introduced with...

Top Rated Comments

antiprotest Avatar
46 months ago
Please set up a reward for fixing iCloud Tabs sync. Apparently the people at Apple cannot do it after like a decade.
Score: 16 Votes (Like | Disagree)
mistasopz Avatar
46 months ago

The Chinese government is run by Chinese. And yes, if you signaling out Chinese government, you are basically saying Chinese are cheaters and Chinese are theft.

But every government in the world do spy on each other, stealing information etc.
That's some pretty loopy logic there. If I criticise the Canadian government am I racist towards Canadians (after all it's run by Canadians)? Of course not, what ridiculousness. There are 1.4 billion Chinese people and being critical of their leadership is not the same thing as hating 1.4 billion people because of their ethnicity. And if you think you think they are your friend, you better read up on your own history (Nortel IP theft for example).
Score: 9 Votes (Like | Disagree)
mistasopz Avatar
46 months ago

Aren’t you are being racist when you single out Chinese government?
The Chinese government is not a race.
Score: 9 Votes (Like | Disagree)
steve217 Avatar
46 months ago
Given the cost of a breach, $100k is a bargain.
Score: 7 Votes (Like | Disagree)
BWhaler Avatar
46 months ago
I always worry given Zoom’s ties to China and the slip-shot way they went for growth above all, if some of these “flaws” are actually backdoors.

As convienent and pervasive as Zoom is, no way I would trust it if I was a CTO or enterprise security officer.
Score: 5 Votes (Like | Disagree)
T Coma Avatar
46 months ago
Ah yes, the old integer overflow and OOB write trick. Classic.
Score: 3 Votes (Like | Disagree)