Thursday, April 30, 2009

Update on Adobe JBIG2 0-Day from February


The video below from Matthew Watchinski of Sourcefire VRT offers some interesting information on the events surrounding the Adobe JBIG2 0-Day from February.

http://vimeo.com/4110571

If you have a few moments (and you are a complete geek) you might find it interesting.

Notable from the presentation:

  • JBIG2 vulnerability sold on the black market on Jan 1st to a buyer in China for $75K
  • First exploit related to this vuln was observed in the wild on January 11th
  • ShadowServer crew posted their notification on February 19th
  • Adobe knew about it before but sat on it and did nothing
  • Exploit was used in the wild for approximately a month before it became public
  • All PDF readers including Foxit and Mac OS X Preview were vulnerable to this exploit
  • All of the risk mitigation advice that we were given at the time concerning the 0-day proved to be wrong
  • PDF vulnerabilities are easy to find
  • PDF vulnerabilities are highly sought after in the darker corners of the internet
  • WE CAN EXPECT MORE ADOBE 0-DAYS THROUGHOUT 2009!