Google Project Zero hacker Mateusz Jurczyk has dropped 15 remote code execution vulnerabilities, including a single devastating hack against Adobe Reader and Windows he reckons beats all exploit defenses.
He said, "The extremely powerful primitive provided by the
vulnerability, together with the fact that it affected all supported
versions of both Adobe Reader and Microsoft Windows (32-bit) – thus
making it possible to create an exploit chain leading to a full system
compromise with just a single bug – makes it one of the most interesting
security issues I have discovered so far." Jurczyk published a video demonstration of the exploit for 32-bit and 64-bit systems. His slides are here [PDF].
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.