Pwn2Own 2016 Major Changes and Rules v3

Pwn2Own 2016 Major Changes and Rules:

=> Wassenaar: "Any software or technology that attendees bring or cause to be transferred to Canada for the Contest may be subject to the export controls of attendee's country of residence or travel origin. Attendees are responsible for compliance with any applicable import and export controls as a result of their attendance at the Contest."

=> Major changes for Pwn2Own 2016:
- Removed target: Firefox
- Added target: VMware Workstation
- No ZDI reward points for all winners but only for the one contestant with the highest total points.
- Contestants have only 3 attempts to browse to the malicious content during a 15 minute time slot.
- Prizes for Chrome and Safari have been reduced by $10,000 each. Prize for SYSTEM EoP was also reduced (by $5,000).

=> Targets/Prizes/Rules:

Microsoft Windows 10 x64 / Mac OS X El Capitan.

Google Chrome + Sandbox bypass/escape: $65,000 (USD)
Microsoft Edge + Sandbox bypass/escape: $65,000 (USD)
Adobe Flash running in Microsoft Edge + Sandbox bypass/escape: $60,000 (USD)
Apple Safari (Mac OS X) + Sandbox bypass/escape: $40,000 (USD)
(Optional) Gain SYSTEM or root: +$20,000 (USD)
(Optional) VMware Workstation host-to-guest escape: +$75,000 (USD)

- A successful remote attack against these targets must require no user interaction beyond the action required to browse to the malicious content and must occur within the user's session with no reboots, or logoff/logons. For example, having to interact with a dialog in order to successfully complete the exploit or writing a malicious file to the Startup folder is *not* allowed.

Full rules: http://zerodayinitiative.com/Pwn2Own2016Rules.html