Adobe Reader and Flash exploits found at Pwn2Own

On Thursday, we reported that security firms had found zero day exploits in three web browsers as part of the Pwn2Own competition. Two exploits were found in Internet Explorer 10 for Windows 8 by the French security company VUPEN.

Now there's word that the same company found an bug in Adobe Flash Player that allowed them to take control of the PCs that had Flash installed on their systems. Ars Technica reports that the team won $70,000 as part of the Pwn2Own competition, which is taking place this week as part of the CanSecWest security conference.

Flash has not had an easy time of it lately: the program received three security patches in February, two of which were unscheduled releases in order to close exploits that were being used by hackers. We presume that Adobe will be issuing another Flash security update soon.

George Hotz, the hacker who gain both fame and infamy for his work in unlocking iPhones and hacking the Playstation 3, went after Adobe's Reader application as part of the competition and managed to get through the program's sandbox to take over the PC that had Reader installed. Hotz also picked up $70,000 for his efforts.

Source: Ars Technica | Image via Adobe

Previous Story
Rumor: PS4 and "next Xbox" might let developers self-publish game patches
Next Story
Trend Micro claims 1 in 10 Android apps are malware