Hackers demonstrated 21 new vulnerabilities in attacks against browsers and operating systems during this year’s Pwn2Own hacking contest. The complexity of the exploits, though, shows that hackers have to jump through many hoops to gain full system control.

On Wednesday and Thursday, five contestants — four teams and one independent researcher — demonstrated three successful remote code execution attacks against Safari on OS X, two against Microsoft Edge on Windows, four against Adobe Flash on Windows and one partially successful attack against Google Chrome on Windows. Firefox was not a target in this year’s contest.

The contest takes place every year during the CanSecWest security conference in Vancouver, British Columbia. This year’s edition was sponsored by Trend Micro and Hewlett Packard Enterprise. Contestants had to achieve remote code execution on up-to-date installations of Windows 10 and OS X El Capitan through Web-based attacks that exploited previously unknown vulnerabilities in the latest versions of Apple Safari, Microsoft Edge, Google Chrome, Flash Player and the operating systems themselves.

To read this article in full or to leave a comment, please click here