Closed Bug 810534 Opened 13 years ago Closed 12 years ago

Monitoring Reported 0-Day in Adobe Reader

Categories

(Plugins Graveyard :: PDF (Adobe), defect)

Product:
Plugins Graveyard
Component:
PDF (Adobe)
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

(Not tracked)

Status:
RESOLVED WORKSFORME

People

(Reporter: mcoates, Unassigned)

Details

(Keywords: sec-vector)

This bug is to track the situation around Adobe Reader 0-day reported here: http://krebsonsecurity.com/2012/11/experts-warn-of-zero-day-exploit-for-adobe-reader/
I spoke with David Lenoe at Adobe (thanks Alex for connecting). Based on the below information I recommend we take no action at this time and monitor how the situation develops. Current situation: Public Risk * Adobe sees no evidence of active exploitation in the wild - targeted or widespread. * They feel confident that if there was exploitation they'd receive samples quickly * Adobe spoke with Brian Krebs. Brian has talked with Blackhole kit rep and the individual claimed the exploit is not actually in BlackHole at this time. Addressing the Vulnerability * Adobe is working with Group-IB (the company who has this exploit) to obtain access to the proof of concept * Adobe believes they know the root of the problem, but want to verify with POC * Adobe is ready for an out of band push within about 1 week if they get the POC Communication Plan * Adobe will let me know if they see any indications of public exploitation * Mozilla will let Adobe know if we see a spike in crashes that is likely related to current adobe reader or we have knowledge of public exploitation
Keywords: sec-vector
mcoates, can this be opened up/marked WFM now?
Flags: needinfo?(mcoates)
Group: core-security
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WORKSFORME
Product: Plugins → Plugins Graveyard
Flags: needinfo?(mcoates)
You need to log in before you can comment on or make changes to this bug.