Zero-days under active exploit are keeping Windows users busy

Dan Goodin

from Ars Technica - All content on 2021-02-09 21:50 (#5DZV7)

It's the second Tuesday of February, and that means Microsoft and other software makers are releasing dozens of updates to fix security vulnerabilities. Topping off this month's list are two zero-days under active exploit and critical networking flaws that allow attackers to remotely execute malicious code or shut down computers.

The most important patch fixes a code-execution flaw in Adobe Reader, which despite its long-in-the-tooth status remains widely used for viewing and working with PDF documents. CVE-2021-21017, as the critical vulnerability is tracked, stems from a heap-based buffer overflow. After being tipped off by an anonymous source, Adobe warned that the flaw has been actively exploited in limited attacks that target Reader users running Windows.

Adobe didn't provide additional details about the vulnerability or the in-the-wild attacks exploiting it. Typically, hackers use specially crafted documents sent by email or published online to trigger the vulnerability and execute code that installs malware on the device running the application. Adobe's use of the word limited" likely means that the hackers are narrowly focusing their attacks on a small number of high-value targets.

Read 12 remaining paragraphs | Comments

index?i=5LDgSLAVo_w:bRccf_45zCw:V_sGLiPB

index?i=5LDgSLAVo_w:bRccf_45zCw:F7zBnMyn

Source	RSS or Atom Feed
Feed Location	http://feeds.arstechnica.com/arstechnica/index
Feed Title	Ars Technica - All content
Feed Link	https://arstechnica.com/