$50,000 Zero-Day Exploit Evades Adobe's Sandbox, Say Russian Analysts

tsu doh nimh writes with this excerpt from Krebs on Security: "Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they've discovered that a new exploit capable of compromising the security of computers running Adobe X and XI (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000. This is significant because — beginning with Reader X — Adobe introduced a 'sandbox' feature aimed at blocking the exploitation of previously unidentified security holes in its software, and until now that protection has held its ground. Adobe, meanwhile, says it has not yet been able to verify the zero-day claims."

not yet been able to verify the zero-day claims

[fustakrakich]

They can if they cough up 50 grand for a copy. By the way, is anybody getting sued for uploading a free torrent?

Can't verify.

Sorry, we cannot verify this zero-day exploit, the computer we tested it on isn't working right for some reason.

Re:Translating Roman Numerals... srsly???

[MightyYar]

If you ask me, this site has been going downhill ever since they dropped Latin and started posting in English.

Re:Translating Roman Numerals... srsly???

[MadChicken]

They would have kept one numbering system for the whole article, but "Zero-day" would have been really tough.

Re:Translating Roman Numerals... srsly???

[FatdogHaiku]

O tempora, o mores!