A partial exploit in Windows Phone was found as part of HP's annual Mobile Pwn2Own event

A security researcher who took part in a competition sponsored by HP managed to find a partial exploit in Windows Phone on Wednesday, but he was unable to gain full control of its features.

The event was the annual Mobile Pwn2Own competition in Tokyo, Japan. Researcher Nico Joly was the only one to try to find a way to hack into Windows Phone during the event. He used a Lumia 1520 for his effort, in an attack on Internet Explorer. HP said, "He was successfully able to exfiltrate the cookie database; however, the sandbox held and he was unable to gain full control of the system."

The issue has since been disclosed to Microsoft, so it's possible we will see an update to Windows Phone that will close this partial exploit at some point in the future. Are these kinds of competitions helpful to Microsoft and other companies in finding problems that might otherwise be missed?

Source: HP Thanks to Alex K for the tip!

John Callaham