Pwn2Own hacking contest kicks off at CanSecWest

The popular Pwn2Own security contest has kicked off at the CanSecWest security conference.

The two-day hacking challenge pits security researchers against fully patched versions of the latest desktop and smartphone browsers and operating systems.

Aaron Portnoy, security research manager for contest sponsor DVLabs, announced on Wednesday afternoon that Vupen Security achieved the first successful hack of the contest.

Vupen was able to exploit a vulnerability in Apple's Safari browser to demonstrate remote code execution capabilities on a MacBook Pro running a fully patched OS X.

Shortly after, Portnoy revealed that Harmony Security researcher Stephen Fewer had been able to compromise a system running Internet Explorer.

The first contestants to demonstrate working exploits will be awarded a $15,000 prize from DVLabs as well as ownership of the compromised device.

The 2011 Pwn2Own contest has been particularly anticipated. Google is offering researchers an extended prize of $20,000 for discovering and exploiting vulnerabilities in its Chrome browser.

In the days leading up to the contest, Mozilla and Google issued updates for vulnerabilities in their browsers.

DVLabs parent company HP said that it will use the vulnerabilities discovered in the contest to generate filters for its intrusion prevention system.

"Customers demand security solutions that protect their data and applications from a wide variety of vulnerabilities, whether they are patched by the vendor or not," said DVLabs director Dan Holden.

"Sponsoring the Pwn2Own contest for the fifth consecutive year enables HP to remain on the leading edge of the security industry, so we can offer our clients unique protection against advanced attacks."