Adobe Confirms New Adobe Reader Zero-Day Bug

    Adobe Confirms New Adobe Reader Zero-Day Bug


    Posted: 05 Aug 2010

    Adobe has confirmed a zero-day remote code execution vulnerability revealed by a security researcher during the Black Hat security conference last week. The company has yet to decide if it needs to break out of its quarterly update cycle in order to patch it.

    The Adobe bug was disclosed by renowned hacker and security researcher Charlie Miller during his Black Hat talk on crash analysis techniques. Miller's presentation focused around a tool called BitBlaze, developed at UC Berkeley, which can be used to significantly decrease the time it takes researchers or developers to analyze if crashes are exploitable or not.

    The hacker chose several bugs in Adobe Reader and OpenOffice for its case studies. The examples included two exploitable bugs in Adobe Reader 9.2.0, that were discovered last November and are already fixed, a non-exploitable flaw and a zero-day vulnerability in the latest version of the application.

    More -
    Adobe Confirms New Adobe Reader Zero-Day Bug - Still evaluating if out-of-band patch is necessary - Softpedia
    Posted By: JMH
    05 Aug 2010



 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 23:37.
Find Us