Large software developers are constantly checking the security of their programs. Thanks to this, it is possible to detect any vulnerability and solve it before it endangers the security of users. Google, Microsoft, Adobe, Apple, and other big developers have their own engineers auditing the security of their programs, and they also offer rewards to users who report vulnerabilities instead of selling them online. However, no matter how safe a program is, it always has unknown gaps. And one of the best ways to exploit them and expose the (in) security of these software is through hacker competitions.
Recently, the Tianfu Cup 2020 , one of the most important hacking competitions in the world, just took place in Chengdu, China. In this competition, the security of 16 popular programs and operating systems were tested to see who was able to find new vulnerabilities and ways to exploit them. And in total, the protection of 11 of these programs and systems has been broken, discovering a total of 23 serious vulnerabilities.
Compromised operating systems and programs
In this competition, software and hardware security, very relevant in today’s market, has been broken. For example, hackers have managed to exploit the 2004 version of Windows 10 using totally new exploits, never seen before. In addition, they have also managed to compromise Microsoft’s operating system through bugs in popular programs such as Chrome, Firefox, and Adobe PDF Reader.
Linux has not gotten rid of the vulnerabilities either, and they have managed to break the security of CentOS 8 . And for virtualization software, serious vulnerabilities have also been found in Docker CE and VMware ESXi .
We rely more and more on smartphones. And while we think they may be safe, in reality they may not be that safe. These hackers have managed to take control of a Samsung Galaxy S20 running Android 10 , as well as an iPhone 11 Pro running iOS 14 and Safari .
Finally, serious vulnerabilities have also been found in the ASUS RT-AX86U and TP-Link TL-WDR7660 routers , two models that have a significant market share in homes.
Vulnerabilities have already been reported: protect your security
Of course, all the security flaws that have been exploited in this competition have already been correctly reported to the respective companies. These will take advantage of the next patches to cover all these holes and reinforce, a little more, the security of the operating systems and programs that we have just seen. We must install Windows patches as soon as possible, as well as new versions of programs such as Adobe, Chrome or Firefox to be sure.
Therefore, it is important to be aware of the new versions that may come out for all this software and install it as soon as possible. Although it is true that hackers will not actively reveal or exploit them, there are groups of hackers who are already working to discover these vulnerabilities as soon as possible and take advantage of them before it is too late. Good protection in time can save us a lot of trouble.
The hacking teams that found these vulnerabilities have received a total of $ 744,500 in rewards.