|05 Aug 2010||#1|
| || |
Adobe Confirms New Adobe Reader Zero-Day Bug
Adobe has confirmed a zero-day remote code execution vulnerability revealed by a security researcher during the Black Hat security conference last week. The company has yet to decide if it needs to break out of its quarterly update cycle in order to patch it.
The Adobe bug was disclosed by renowned hacker and security researcher Charlie Miller during his Black Hat talk on crash analysis techniques. Miller's presentation focused around a tool called BitBlaze, developed at UC Berkeley, which can be used to significantly decrease the time it takes researchers or developers to analyze if crashes are exploitable or not.
The hacker chose several bugs in Adobe Reader and OpenOffice for its case studies. The examples included two exploitable bugs in Adobe Reader 9.2.0, that were discovered last November and are already fixed, a non-exploitable flaw and a zero-day vulnerability in the latest version of the application.
Adobe Confirms New Adobe Reader Zero-Day Bug - Still evaluating if out-of-band patch is necessary - Softpedia
|My System Specs|
|Similar help and support threads for2: Adobe Confirms New Adobe Reader Zero-Day Bug|
|Adobe Reader XI||Software|
|Adobe confirms 'leaky PDF' flaw, fix due on 14 May||Security News|
|Adobe confirms targeted attacks due to security hole in Reader||Security News|
|Adobe reader 9||Software|
|Adobe Reader||Browsers & Mail|
|adobe reader 9||Software|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 07:45 AM.