Pwn2Own Returns for 2018: Partners with Microsoft and Sponsored by VMware

January 25, 2018 | Brian Gorenc

The Quick Summary

·  Pwn2Own returns for 2018 with five categories of targets: virtualization, web browsers, enterprise applications, servers, and a special Windows Insider Preview Challenge category.
·  ZDI partners with Microsoft for the event and welcomes VMware as a sponsor. Their contributions enable us to offer up to $2,000,000 USD in cash and prizes.
·  Microsoft offers a Windows Insider Preview Challenge that tests their latest pre-release offerings combined with their configuration on their hardware.
·  The title of Master of Pwn will be awarded to the team with the most points at the end of the contest.

Jump to a Section


Now entering its second decade, the Pwn2Own™ competition will be returning to Vancouver, BC, and the CanSecWest conference on March 14-16 of this year. From its humble beginnings to the tenth anniversary last year, the Pwn2Own contest has grown from a simple exhibition to one of the world’s most exclusive competitions for demonstrating practical attacks on the most up-to-date software and protections. This year’s event offers up to $2,000,000 USD in cash and prizes to security researchers who can successfully demonstrate their attacks in the various categories.

Since its inception in 2007, Pwn2Own has increased the challenge level at each new competition, and this year is no different. Web browsers return as a target, as do virtual machine guest-to-host escapes. Enterprise applications remain as targets for this year, and for 2018, Outlook makes its Pwn2Own debut. Our virtualization category grows by two as Oracle becomes a target, and the Windows Insider Preview Challenge includes brand new targets for their virtualization-based security stack. Server targets expand this year as well. Apache was included in last year’s event and is joined this year by NGINX, OpenSSL, and Windows SMB server. Over the years, we’ve seen some ground-breaking research demonstrated, so we can’t wait to see what contestants bring this year.

Partner and Sponsor

Over the years, we’ve also seen the program lead to investments in security from the affected vendors. This year, vendors decided to take an even more active role by sponsoring the event, with Microsoft stepping up to be a Partner for Pwn2Own 2018. Various Microsoft products have been targets at Pwn2Own since nearly the beginning of the contest, and Microsoft has stated the contest has pushed new security features into their products. 

With Windows as a Service (WaaS) shipping new security innovation to our customers this spring, Pwn2Own could not happen at a better time. We’re excited to have the best and brightest minds testing the limits of some of our flagship pre-release security technologies from the latest Windows Insider Preview for Business on our Surface Book 2 devices. - David Weston, Principle Group Manager, Windows and Devices Group Enterprise and Security

Microsoft will also have its own category. Normally, Pwn2Own doesn’t use beta or pre-release software. However, the folks at Microsoft wanted to offer a real challenge by making some of their products under development a target. The details are below, but broadly speaking, the targets will be set up and configured by Microsoft experts and running on Microsoft hardware. Are you up for that challenge? Microsoft is offering quite a bit of cash to those who are.

Last year saw VMware return as a target for the second year, and two separate contestants were able to perform a guest-to-host escalation. VMware returns as a target, and this year, they have decided to become one of the sponsors for the event.

“We are pleased to support Pwn2Own this year. We have found this event to be a great way to connect with the research community and build mutual trust.” - Manish Gaur, Director, Product Security, VMware

We’re excited to work with those who create the security patches to address Pwn2Own related bugs. Hopefully, it’s the start of a trend.

The Targets

 This year, we’re changing things up a bit on the target side to reflect the changing nature of computing. We’re becoming more reliant on cloud-based services, and we’re interested in seeing research in virtualization and services. Of course, web browser and enterprise applications allow us to access those services, so they return as categories. Finally, we rely on servers for almost everything we do online, so finding bugs in the server space is especially significant.    

The full rules are located here. As always with Pwn2Own, the first contestant to win in each category gets the full cash award plus a laptop (estimated at $1,000).

Virtualization Targets & Awards

 The biggest news from last year’s contest was likely the two VMware guest-to-host escapes demonstrated. In each case, contestants ran their exploits in the guest OS to escalate their privileges and execute code on the hypervisor. This year, we’re adding Oracle VirtualBox to this category. We’ve already seen several submissions to the ZDI program for VirtualBox, so we look forward to seeing how it does during Pwn2Own. No one attempted to exploit Microsoft Hyper-V last year, but that’s often the case when we introduce a new target. This year, Microsoft has added new virtualization related targets that use virtualization technologies as a means to secure the client itself. These specific targets are covered in the Windows Insider Preview Challenge detailed below. It will be interesting to see if others can repeat last year’s performance. A successful attempt in this category must be launched from within the guest operating system from a non-admin account and execute arbitrary code on the host operating system. Both the guest and the host operating system will be running Microsoft Windows 10 x64.

Here are the award amounts for this category:

Target Prize Master of Pwn Points Eligible for Add-on Prize
Oracle VirtualBox $35,000 4 Yes
VMware Workstation $70,000 7 Yes
Microsoft Hyper-V Client $150,000 15 Yes

We are also including add-on challenges for many categories. For the virtualization category, the extra challenge will have the contestant execute an escalation of privilege through a Windows kernel vulnerability on the host operating system. To be eligible for this add-on prize, the kernel vulnerability used to escalate privilege must be different from any kernel vulnerability required to escape the virtualization target. Successfully meeting this challenge will earn the contestant an additional $30,000 and 3 additional Master of Pwn points.

Web Browser Targets & Awards

One big change we have this year is the elimination of the “Local Escalation of Privilege” category. Instead, we’re now wrapping this into the web browsers category. Contestants popping web browsers now have the option to either simply escape the sandbox or fully elevate privileges to execute code with kernel-level permissions.

The four major browsers return as targets: Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox. In this category, the Windows-based targets will be running in a VMware Workstation virtual machine. We'll be offering an add-on for Edge and Chrome.. Any successful exploit that also executes code on the host operating system by escaping the VMware Workstation virtual machine will receive an additional $70,000 and 7 points towards Master of Pwn. This means that a successful attempt on Google Chrome that uses a kernel escalation and is able to execute code on the underlying hypervisor system will result in $140,000 and 14 Master of Pwn points.

Here are the award amounts for this category:

Target Sandbox Escape Options Prize Master of Pwn Points Eligible for Add-on Prize
Google Chrome Sandbox Escape $60,000 6 Yes
Windows Kernel Escalation of Privilege  $70,000 7 Yes
Microsoft Edge Sandbox Escape $60,000 6 Yes
Windows Kernel Escalation of Privilege $70,000 7 Yes
Apple Safari Sandbox Escape $55,000 5 No
macOS Kernel Escalation of Privilege $65,000 6 No
Mozilla Firefox Sandbox Escape $40,000 4 No
Windows Kernel Escalation of Privilege $50,000 5 No

As always, all browsers and operating systems will be the latest versions with all applicable security patches applied.

Enterprise Application Targets & Awards

Last year saw the inclusion of enterprise applications, and they return this year as well. Bugs in Adobe Reader and Microsoft Office are commonly used in malware, ransomware, and phishing attacks, so it’s always interesting to see what type of research is happening in these applications. A successful entry here will involve downloading the entry from the web browser and double-clicking the file – no further user interaction, such as dismissing a dialog box, will occur. Launching an attack from the command line is not allowed.

There are several Microsoft Office versions available. For Pwn2Own 2018, the Office targets will be running Microsoft Office 365 ProPlus x64 (Monthly Channel) on Windows 10 x64. To download and configure this for your testing, please use the directions available on Microsoft’s web site. Microsoft Office-based targets will have Protected View enabled, and Adobe Reader will have Protected Mode and Protected View enabled.

This year also introduces Microsoft Outlook to the competition. To be successful here, code execution must occur while syncing with a malicious email server. No user interaction beyond syncing with the rogue mail server will be performed. For example, viewing an email in the preview pane, opening a message or double-clicking an attachment does not constitute a successful attempt.  

Here are the award amounts for this category:

Target Escape Option Prize Master of Pwn Points
Adobe Reader Sandbox Escape $40,000 4
Windows Kernel Escalation of Privilege $50,000 5
Microsoft Office 365 ProPlus  (Word/Excel/Powerpoint) N/A  $50,000 5
Microsoft Outlook N/A $100,000 10

No add-ons are available for this category.

Server Targets & Awards

Most of the connected devices and services in our lives call back to a server somewhere, and we’re interested in seeing what types of vulnerabilities those servers may harbor. For Apache, this involves a “vanilla” installation with no 3rd-party modules – sorry fans of Struts and PHP. NGINX, Windows SMB Server, and OpenSSL all make their Pwn2Own debuts this year. If you’re thinking of taking one of these targets on, be sure to reach out to us for detailed installation and configuration information.

Here are the award amounts for this category:

Target Prize Master of Pwn Points
Apache Web Server $100,000 10
NGINX $100,000 10
Microsoft Windows SMB $100,000 10
OpenSSL $100,000 10

Windows Insider Preview Challenge

When we approached Microsoft about partnering for Pwn2Own 2018, they had an idea of their own. Rather than just looking at the most up-to-date software, they also wanted to look at pre-release versions of software using their configuration on their hardware. Thus, they came up with the Windows Insider Preview Challenge. Using the Windows 10 Redstone 4 (RS4) Insider Preview as the base platform, Microsoft is offering three challenges to test some of their new flagship security technologies and approaches:

1.      Windows Defender Application Guard (WDAG) for Edge
This target has multiple levels of success. An RCE in the Edge process within the WDAG contain earns up to $15,000. A sandbox escape from Edge within the WDAG container also earns up to $10,000. A WDAG specific escape from the WDAG container to the host OS could net up to $30,000. Finally, a general Hyper-V exploit used to escape the WDAG container to the host operating system could get the contestant up to $250,000. If someone manages to do all four of these in the same entry, the maximum payout would be $305,000.

2.    Windows SMB
For this target, a successful entry would need to gain remote code execution with virtualization-based security (HVCI, kCFG) enabled. Doing so gets the contestant $100,000.  

3.    Windows Hyper-V Client
The final target in this category looks at the default configuration of Hyper-V Client on RS4. Certain optional components, such as Remotefx, Legacy Network Adapter (Generation 1), and Fibre Channel Adapter, are not considered default and will be out of scope. A successful guest-to-host escape to user-mode here earns the contestant up to $150,000, while a successful escape resulting in kernel-level code execution earns up to $250,000.

Here are the award amounts for this category:

Target Exploit Chain Options Prize
Windows Defender Application Guard for Edge RCE in Edge Process within the WDAG Container Up to $15,000
Sandbox escape from Edge within the WDAG container Up to $10,000
WDAG specific escape from the WDAG container to the host OS Up to $30,000
Hyper-V exploit used to escape the WDAG container to the host operating system Up to $250,000
Windows SMB RCE with virtualization based security (HVCI, kCFG) enabled $100,000
Windows Hyper-V Client Hyper-V Escape in User-Mode Up to $150,000
Hyper-V Escape in Hypervisor or Kernel Up to $250,000

All prize amounts will be determined using the existing guidelines of the Windows Insider Preview, Hyper-V, Edge, and WDAG bounties.

We think it’s fantastic to see pre-release software tested like this. Microsoft has additional details about the Windows Insider Preview Challenge in the Pwn2Own rules. And yes, in true Pwn2Own fashion, the first winner in each category gets to keep the Microsoft Surface Book 2 used in the contest.

Master of Pwn

The title of “Master of Pwn” will again return to the contest. Since its inception (alongside its ridiculous smoking jacket), adding the Master of Pwn has changed how contestants approach the contest. Prior to its addition, “winning” the contest often relied on the luck of the random draw. Master of Pwn changed the way contestants behave since the points tallied for the title remain constant throughout. We still do the random drawing for the order of events, but now contestants can be crowned the overall “winner” even if they never go first in a category. The addition of Master of Pwn has also introduced a level of “defense” into the competition. Teams will regularly submit bug reports they believe may be used by other competitors. Since we only purchase true 0day vulnerabilities, a bug collision would disqualify an attempt. As a reminder, a vulnerability may only be used once across all categories. In addition to the title, the winners receive this amazing trophy, a slick jacket of some form, and the adoration of their peers (plus 65,000 ZDI reward points).

Of course, what’s reward without a little risk? We’ve decided to add a penalty system into Master of Pwn. If the contestant decides to withdraw from the registered attempt after the start of the contest, the Master of Pwn points for that attempt will be divided by 2 and deducted from the contestant's point total for the contest. Each category also has “Add-on Bonuses.” If the contestant decides to remove an Add-on Bonus during their attempt, the Master of Pwn points for that Add-on Bonus will be deducted from the final point total for that attempt. In other words, if you sign up for a category and want Master of Pwn, you’ll need to fully commit towards participation, even if it means your attempt doesn’t succeed as expected.


The complete rules for Pwn2Own 2018 are found here. As always, we encourage entrants to read the rules thoroughly if they choose to participate. If you are thinking about participating but have a specific configuration or rule-related questions, email us. Questions asked over other means will not be answered. Registration is required to ensure we have sufficient resources on hand at the event. Please contact ZDI at to begin the registration process. (Email only, please; queries via Twitter, blog post or other means will not be acknowledged or answered.) Registration closes at 5 p.m. Pacific Time on March 5, 2018.

Be sure to stay tuned to this blog and follow us on Twitter for the latest information and updates about the contest. We look forward to seeing everyone in Vancouver, and we can’t wait to see what exciting research is demonstrated at this year’s Pwn2Own competition.

With special thanks to our Pwn2Own 2018 Partner

Thanks also to our Pwn2Own 2018 Sponsor




©2018 Trend Micro Incorporated. All rights reserved. PWN2OWN, ZERO DAY INITIATIVE, ZDI and Trend Micro are trademarks or registered trademarks of Trend Micro Incorporated. All other trademarks and trade names are the property of their respective owners.