TippingPoint does not release details of the vulnerabilities exploited for Pwn2Own, but instead purchases the rights to the flaws and exploit code as part of the contest. It then turns over information to the appropriate vendors, who all had representatives on hand.

Only after the vendor has plugged the hole does TippingPoint disclose details of each flaw.

If history is any indication, vendors will push out patches for the exploited vulnerabilities fairly quickly. In 2008, for example, Apple to patch the Safari bug that Miller used to win $10,000 at his inaugural Pwn2Own.

Mozilla beat that record last year when it the browser.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at or subscribe to . His e-mail address is .