2013年6月14日 星期五

PDF exploit is getting hot, watch out for CVE-2013-2729

There are at least three hot document exploits shooting around on this season, mainly disguised in the form of .doc and .pdf document. Earlier this month, we identified an interesting PDF file, pretty fresh, it's the CVE-2013-2729 exploit, which was recently patched by Adobe on May 14, http://www.adobe.com/support/security/bulletins/apsb13-15.html. The first security advisory of this exploit was released by http://www.binamuse.com, it's a specially crafted BMP file that can bypass ASLR and DEP!

提醒大家新的APT高峰期即將出現, 新 PDF Exploit CVE-2013-2729 已經用在 APT Email 攻擊中

提醒大家新的APT高峰期即將出現,目前至少有3個惡意文件的Exploit正在流行,目前以DOC跟PDF為主,首先下面我們介紹一下這一梯的 PDF 新貨 :)

CVE-2013-2729 是一個才在5月14號被Adobe最新修補的 PDF漏洞,最早發表研究的是 http://www.binamuse.com,透過一個特別設計的BMP檔引發漏洞,這個exploit 可以繞過ASLR+DEP 成功達陣! 影響Adobe Reader XI (11.0.02)之前的版本。請參考 http://www.adobe.com/support/security/bulletins/apsb13-15.html