
Microsoft Finds Zero-Day Adobe Flaw and Shuts it Down Before Attack

Alongside the Adobe zero-day, a vulnerability in Windows was also discovered and mitigated. Microsoft says no attacks leveraging the exploits have been observed.

Microsoft has announced it recently shut down two zero-day exploits in Acrobat and Reader. In response, both Microsoft and Adobe have sent out combined patches to mitigate the problem. The company describes the find and solution as “an amazing result”.

It is arguable that Microsoft's discovery of the pair of zero-day exploits came by chance. The company was analysing a PDF sample of a potential exploit for a Windows kernel flaw. That PDF was sent by ESET senior malware researcher Anton Cherepanov.

While looking into that potential vulnerability, Microsoft stumbled upon two entirely different zero-day exploits. The first was a flaw in Adobe services, while the second affected older Microsoft platforms like Windows 7 and Windows Server 2008.

In response to the discovery, Microsoft and Adobe sent out relevant patches to shore up their services.

Discussing the Adobe vulnerabilities, Microsoft's Windows Defender blog post states:

“The first exploit attacks the Adobe engine to run shellcode in the context of that module. The second exploit, which does not affect modern platforms like Windows 10, allows the shellcode to escape Adobe Reader sandbox and run with elevated privileges from Windows kernel memory. ESET provided an analysis of the exploitation routines in the sample PDF.”

Amazing Result

The PDF sample including the exploits (and the potential Windows kernel problem) was found on VirusTotal. However, Microsoft says it has not observed any instances of the flaws being exploited in an attack.

Instead, the company explains the exploit was still being developed and was at a proof-of-concept stage. Because of this, Redmond insists finding and shutting down the flaws before an attack was an “amazing result of the great collaboration between ESET, Microsoft, and Adobe security researchers.”

Source: Microsoft
Luke Jones