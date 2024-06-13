The Pwn2Own computer hacking contest has been around since 2007, and during that time, there has never been a female to score a full win — until now.

This milestone was reached at Pwn2Own 2024 in Vancouver, where two women, Valentina Palmiotti and Emma Kirkpatrick, each secured full wins by exploiting kernel vulnerabilities in Microsoft Windows 11. Prior to this year, only Amy Burnett and Alisa Esage had competed in the contest’s 17-year history, with Esage achieving a partial win in 2021.

At the March 2024 competition, Palmiotti (aka Chompie) scored a win with her discovery of an Improper Update of Reference Count bug to escalate privileges on Windows 11. It was her first time entering Pwn2Own.

Pwn2Own is considered one of the most — if not the most — prestigious hacking competitions in the world. Sponsored by the Zero Day Initiative, participants try to exploit popular software and devices with previously unknown vulnerabilities. Security Intelligence spoke with Palmiotti, an exploit researcher on IBM’s X-Force Red team, about her path to becoming an ethical hacker.