Windows 11 hacked three times on day one of PWN2OWN.
SOPA Images/LightRocket via Getty ImagesUpdate, May 17, 2025: This story, originally published May 16, has been updated with news of another successful Windows 11 hack at the Pwn2Own hacking event in Berlin.
I’ve said it before, and I’ll say it again: hacking is not a crime. I’d have been in prison a long time ago were that true. I’m not a fan of the term ethical hackers, but it will have to do to describe the security researchers and hacking elite who have gathered in Berlin for day one of the Pwn2Own hackathon. Rather than use their undoubted hacking skills for malicious purposes, like the most prolific cybercriminal groups do, these hackers have been deploying zero-days for the good of us all, including three aimed at Windows 11 that managed to elevate privileges to system level that could enable complete system takeover. Such skills do not go unvalued, and the hackers concerned were rewarded $75,000 for their efforts. Here’s what you need to know about the Windows 11 hack trilogy.
Pwn2Own — Windows 11 Hacks ExplainedIf you are a regular reader of my articles, then you will know that I have covered the Pwn2Own events for many years. Most recently, detailing how Tesla fell to hackers four times in one day, and five zero-day vulnerabilities were employed to compromise the Samsung Galaxy 24 smartphone. You would also know that Tesla and Samsung submitted their products to the hackathon event, wanting to see if the elite of the hacking world could find vulnerabilities that they had not, so they could be fixed before malicious actors stumbled across them.
Pwn2Own, the brainchild of the Trend Micro Zero Day Initiative, dates back to 2007 and attracts some of the best hacking minds on the planet to the twice-yearly events. Pitched against the clock to “pwn” products, hacker and gamer slang for owning something or someone by gaining control, the zero-day hacker heroes can earn a share of more than a million dollars in prize funds.
Day one of Pwn2Own Berlin 2025, held on May 15, saw no less than three successful hacking attempts targeting Windows 11 and escalating privileges to system level:
• Chen Le Qi of STARLabs SG won $30,000 by escalating privileges to system level on Windows
11 with a combination of a use-after-free and integer overflow exploit.
• Marcin Wiązowski used an out-of-bounds memory write exploit to achieve the same end result
and earned the same reward, another $30,000.
• Hyeonjin Choi of Out Of Bounds earned a $15,000 bounty by exploiting a type confusion
vulnerability to get those elevated Windows 11 privileges.
Update: The first results for day three of Pwn2Own are in, and it’s Windows 11 that’s the victim once again. A hacker called Angelboy from the DEVCORE Research Team achieved another privilege escalation attack against Microsoft’s premier operating system. However, this was not deemed a full success in terms of the competition, but rather a collision. This is because one of the vulnerabilities that were used in the exploit chain was already known to Microsoft, and so not a true zero-day.
And it’s not just Microsoft products that are falling into the hands of these elite hackers. Broadcom’s VMware ESXi has been compromised by a zero-day exploit as well. This is Pwn2Own history in the making, as the hypervisor has never been compromised by hackers before during the event’s 18 years of activity. The hacker behind the achievement, Nguyen Hoang Thach, who is part of the STARLabs SG team, was able to deploy a single integer overflow exploit. This earned them a not-too-shabby reward of $150,000 on the spot, as well as 15 valuable points towards the coveted Master of PWN title.
source
