- Dec 30, 2012
- 4,809
A security researcher has casually revealed 15 vulnerabilities which impact on Microsoft Windows and Adobe Reader.
On Tuesday, Google Project Zero hacker Mateusz Jurczyk outlined a total of 15 critical vulnerabilities discovered within font management systems.
The research, also presented at the REcon security conference in Montreal in a talk called "One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation," (.PDF), reveals a set of nasty remote code execution and privilege escalation flaws which can be exploited through Adobe Reader or the Windows Kernel.
Jurczyk discovered a number of low to critical-severity security flaws, but the worst two,CVE-2015-3052 and CVE-2015-0093, which exist in both 32-bit and 64-bit systems, are found within the Adobe Type Manager Font Driver.
Further reading
On Tuesday, Google Project Zero hacker Mateusz Jurczyk outlined a total of 15 critical vulnerabilities discovered within font management systems.
The research, also presented at the REcon security conference in Montreal in a talk called "One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation," (.PDF), reveals a set of nasty remote code execution and privilege escalation flaws which can be exploited through Adobe Reader or the Windows Kernel.
Jurczyk discovered a number of low to critical-severity security flaws, but the worst two,CVE-2015-3052 and CVE-2015-0093, which exist in both 32-bit and 64-bit systems, are found within the Adobe Type Manager Font Driver.
Further reading
Last edited by a moderator:
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
