In March 2018 ESET detected attacks using two zero-day vulnerabilities, one in the Microsoft win32k.sys driver (CVE-2018-8120) and one in Adobe Acrobat.
JS/Exploit.Pdfka.QNV trojan (ESET)
Vulnerable component: Adobe Acrobat DC
CVSSv3 score: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-415 - Double Free
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to a double-free memory error when handling malicious input. A remote attacker can trick the victim into opening a specially crafted .pdf file and execute arbitrary code with the privileges of the current user.
Latest references in media:
- Signal bugs, car hack antics, the Adobe flaw you may have missed, and much more [2018-05-19 10:42:32]
- Malicious PDF Leads to Discovery of Adobe Reader, Windows Zero-Days [2018-05-16 14:43:31]
- Mysterious hackers ingenuously reveal two Zero-Days to security community [2018-05-16 13:56:15]
- Shadowy Hackers Accidentally Reveal Two Zero-Days to Security Researchers [2018-05-15 23:30:09]
- Adobe Security updates - Adobe Acrobat ,Reader and Photoshop CC [2018-05-15 15:01:12]
- Adobe Slings Fixes For a Further 47 CVEs [2018-05-15 12:18:42]
- How many ways can a PDF mess up your PC? 47 in this Adobe update alone [2018-05-14 20:52:47]