$50,000 Zero-Day Exploit Evades Adobe's Sandbox, Say Russian Analysts
tsu doh nimh writes with this excerpt from Krebs on Security: "Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they've discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because — beginning with Reader X — Adobe introduced a 'sandbox' feature aimed at blocking the exploitation of previously unidentified security holes in its software, and until now that protection has held its ground. Adobe, meanwhile, says it has not yet been able to verify the zero-day claims."
This is Actually an Interesting Trend... (Score:5, Insightful)
If I remember correctly, Flame was first identified by Kaspersky, a Russian company. In this age wherein the US Government has a cyber-warfare division, it seems as though a large amount of the interesting, practical work in Computer Security is moving to Russia.
Re:This is Actually an Interesting Trend... (Score:4, Insightful)
Well since most of the interesting, practical work in Computer Insecurity is there as well, it makes sense.
What is broken? The reader or the specs? (Score:5, Insightful)
High time people stop using the Adobe PDF reader, and disable the "active hyperlinks" in it if it can't be fully uninstalled. Just in case some malware manages to trick the browser into using the installed Adobe Reader, overriding the preference for Foxit Reader.
but wait, it gets worse (Score:5, Insightful)