Security Researcher Drops 15 Vulnerabilities for Windows and Adobe Reader

mask.of.sanity writes: Google Project Zero hacker Mateusz Jurczyk has dropped 15 remote code execution vulnerabilities, including a single devastating hack against Adobe Reader and Windows he reckons beats all exploit defenses. He said, "The extremely powerful primitive provided by the vulnerability, together with the fact that it affected all supported versions of both Adobe Reader and Microsoft Windows (32-bit) – thus making it possible to create an exploit chain leading to a full system compromise with just a single bug – makes it one of the most interesting security issues I have discovered so far." Jurczyk published a video demonstration of the exploit for 32-bit and 64-bit systems. His slides are here [PDF].

Re:PDF link to PDF exploit

[drinkypoo]

I know, right? That's how long it takes on my 200 MHz Pentium system too.

That's how long it takes on my six-core, eight-gig, SSD system. It is seriously pathetic how long it takes Firefox to view a PDF by itself.