| Windows 11 Hacked — Three New Zero-Days Deployed By Pwn2OWN Elite |
|---|
Hacking is not a crime, and the elite hackers who gathered in Berlin for day one of the Pwn2Own hackathon are proof of that. Instead of using their skills for malicious purposes, they have been deploying zero-days to help us all, including three aimed at Windows 11 that managed to elevate privileges to system level, enabling complete system takeover.
The Pwn2Own hackathon event has been a platform for security researchers and hacking elite to showcase their skills, and this year's event did not disappoint. The hackers, who were rewarded $75,000 each for their efforts, have been pushing the boundaries of what is possible in the world of hacking.
For those who may be new to the Pwn2Own events, here's a quick primer: Pitched against the clock to "pwn" products, hacker and gamer slang for owning something or someone by gaining control, the zero-day hacker heroes can earn a share of more than a million dollars in prize funds. The event dates back to 2007 and attracts some of the best hacking minds on the planet.
Day one of Pwn2Own Berlin 2025, held on May 15, saw no less than three successful hacking attempts targeting Windows 11 and escalating privileges to system level. One of the first results was a privilege escalation attack against Microsoft's premier operating system.
Angelboy from the DEVCORE Research Team achieved another privilege escalation attack against Microsoft’s Windows 11, but it was not deemed a full success in terms of the competition. The exploit chain used included one vulnerability that was already known to Microsoft, which disqualified it as a true zero-day.
However, the success of this attack did not go unnoticed. A hacker called Nguyen Hoang Thach, who is part of the STARLabs SG team, managed to deploy a single integer overflow exploit on Broadcom's VMware ESXi, which has never been compromised by hackers before during the event’s 18 years of activity.
This achievement earned Nguyen Hoang Thach a reward of $150,000 on the spot, as well as 15 valuable points towards the coveted Master of PWN title. The prize funds for Pwn2Own are substantial, and the hackers who participate in the event know that their skills are highly valued.
Microsoft has been left to ponder how their product was compromised so easily. The company has not yet released a statement on the matter, but it is clear that Windows 11 needs to be taken more seriously when it comes to security.