This just came across my desk so I figured I would post a short informational piece for those of you who are using the mentioned Adobe products.
The 0-day has been active since about 2 weeks ago from some of the code samplings I have seen thus far and has now been brought to the attention of the vendor, so with that the we can expect to see a patch soon I would hope.
The Exploit allows an attacker to craft a malicious PDF and upon being opened on a vulnerable version of the Adobe software will allow the execution of arbitrary code. this may allow an attacker to take complete control of the affected system. No patch is currently available and A proof of concept module has been added to the Metasploit framework. I will be playing with this POC module in the days to come and have additional details at a more in depth technical level.
Happy Patching / Updating.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment