Group-IB US: Zero-day vulnerability found in Adobe X

By Asrokhel
in Back Page News

 Share

Recommended Posts

Mentor

Asrokhel

Posted
Posted

NEW YORK ? There is new vulnerability in Adobe X which helps to execute its own shellcode with help of malformed PDF-documents with specially crafted forms.

The vulnerability is also included in new modified version of "Blackhole Exploit-Kit?, which is used for the distributing the banking Trojans (Zeus, Spyeye, Carberp, Citadel) with the help of exploitation different vulnerabilities in client-side software.

Andrey Komarov, the Head of International Projects Department of Group-IB: ?The vulnerability has some limitations, for example it could be successfully exploited only after the user will close the browser and restart it. Another variant is to organize interaction between the victim and the malformed PDF-document. Either way, the vulnerability is has very significant vector to be spread with bypassing of internal Adobe X sandbox, which is appealing for cybercrime gangs because in the past there was no documented method of how to bypass it with shellcode execution.?.

The end price on this vulnerability on black market is approximately 30 000 ? 50 000 USD. For now this flaw is distributed only in only small circles of the underground but it has the potential for much larger post-exloitation methods.

Dan Clements, Managing Partner of Group-IB US: ?As more and more of these unpatchable zero day threats pop up in application software and operating systems, it provides bot authors more opportunities to design more creative methods to get their malware loaded into a victims computer?.

The POC of the zero-flaw found in Adobe X was published in YouTube by Group-IB US threat intelligence team:

About Group-IB

Group-IB is the first company in Russia and the former Soviet Union working professionally and comprehensively in cybercrime investigation, information security breaches, and computer forensics. As part of the company, a computer forensics lab provides independent computer forensic investigations, including for Russian law enforcement agencies. Created on the basis of Group-IB, CERT-GIB operates as the first private computer emergency response team in Russia. Group-IB is part of LETA Group.

http://www.group-ib....ound-in-adobe-x

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Codec Tweak Tool 6.7.7

      By Copernic · Posted

      Codec Tweak Tool 6.7.7 by Razvan Serea This tool is a Swiss army knife for managing codecs and codec settings. Codec Tweak Tool will scan for broken filters and remove them. If the tool detects something that is broken, it will then prompt you with the details and you will be given the option to remove the broken item. Generate a detailed log of all installed codecs and filters, enable/disable more than 250 popular codecs and filters (if they are installed), manage preferred source filters, and reset settings. With this tool you can do things like: Scan the registry to detect and remove broken references to codecs and filters. Enable/disable more than 200 popular codecs and filters (if they are installed). Manage preferred source filters (a.k.a. splitters). Detect broken codecs and DirectShow filters. Fix problems with the standard DirectShow filters of Windows. A fix for a specific sound problem. Generate a text file with detailed information about all installed codecs and DirectShow filters, along with other relevant system information. Reset settings to recommended values for many popular codecs and DirectShow filters. Configure audio output settings for several popular audio decoders. Several configuration options for a few DirectShow filters that don't have an easily accessible interface for those options. Easy access to the configuration interfaces of various codecs and DirectShow filters Backup the settings of several codecs and DirectShow filters. Replace your current settings with those from a previous backup. Manage DirectShow filters - Enable or disable DirectShow filters. Manage ACM/VFW codecs - Enable or disable ACM/VFW codecs. Enable or disable DirectX Media Objects. Configure your preferred DirectShow source filters (a.k.a. splitters) for several common file extensions. Enable or disable the generation of thumbnails for several common video file formats in Windows Explorer. Download: Codec Tweak Tool 6.7.7 | 1.5 MB (Freeware) View: Codec Tweak Tool Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Threads scales past half a billion users, brings deeper community and feed controls

      By ryansurfer98 · Posted

      Mostly older people.
    • Major Xbox layoffs may claim South of Midnight developer Compulsion entirely

      By ryansurfer98 · Posted

      Ok boomer.
    • Snap Inc. launches new SPECS augmented reality glasses (for 'just' $2,195)

      By [deXter] · Posted

      The site is pretty sparse on features / tech specs. Can I plug it into a PC/hone/Switch via USB-C and use it as an external display? If so, what's the virtual resolution of the screen, the refresh rate, PPI of the image etc? Is the text crisp enough to use for coding at say 12pt? Is it good enough for playing dark games, like say Path of Exile 2? How about fast games like car racing games? Just how do they expect anyone to order this thing without giving out all this info?
    • Nearly half of American adults now use AI, but concerns are also growing

      By tsupersonic · Posted

      I call complete bs on this - no way your average joe / jane is using AI.

  • Recent Achievements

    • One Month Later
      Vincian earned a badge
      One Month Later
    • First Post
      Jocimo earned a badge
      First Post
    • Week One Done
      suprememobiles48 earned a badge
      Week One Done
    • One Month Later
      Windows Guy earned a badge
      One Month Later
    • One Month Later
      Prasann earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      546
    2. 2
      +Edouard
      159
    3. 3
      PsYcHoKiLLa
      86
    4. 4
      neufuse
      65
    5. 5
      Steven P.
      65
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!