Windows 7 Update Fixes Double Zero-Day Vulnerability

Microsoft has recently addressed a vulnerability in Windows 7 that was found with help from ESET, with the company saying that no attacks happened given the fast response to the rapid discovery.

In a technical analysis of the flaw, Matt Oh, Windows Defender ATP Research, says the team at Microsoft worked together with ESET researchers and Adobe to patch two different zero-day exploits in one PDF originally believed to include an unknown Windows kernel vulnerability.

“During my investigation in parallel with ESET researchers, I was surprised to discover two new zero-day exploits in the same PDF. One exploit affected Adobe Acrobat and Reader, while the other exploit affected older platforms, Windows 7 and Windows Server 2008,” Oh explains.

While the first exploit was targeting Adobe JavaScript engine, the other was speci... (read more)

from Softpedia News / Global https://ift.tt/2NoJuYa