Top

Critical vulnerabilities in Windows and Adobe Reader exposed by hacker

June 24, 2015

Category:

A hacker has published an extensive list of Adobe Reader and Windows vulnerabilities based on his research into a relatively obscure area of font management.

Google Project Zero hacker Mateusz Jurczyk found a total of 15 vulnerabilities, any of which could trigger remote code execution or privilege escalation in Adobe Reader or the Windows kernel. However, the two worst (detailed as CVE-2015-3052 for 32-bit and CVE-2015-0093 for 64-bit) exist in the Adobe Type Manager Font Driver, which has existed in the Windows kernel since Windows NT 4.

Read More