The tag team of AbdulAziz Hariri and Mat Powell blog about exploiting a slick UAF in #Adobe #Reader (CVE-2020-9715). The exploit was submitted to us by Mark Vincent Yason and patched last month. bit.ly/355EBi2

Finding an info leak is a key step to a successful exploit chain. Mat Powell details one such leak in #Adobe #Reader that can disclose the base address of Annots.api. Originally reported by Mark Vincent Yason, the details of this stellar bug (with video) are at bit.ly/3k1eWfS

In a new guest blog, Mark Vincent Yason talks about some of the #Adobe #Reader vulns he reported. Two of these bugs, in particular, CVE-2021-28632 and CVE-2021-39840, are related UAF bugs even though they were patched months apart. Read the details at zerodayinitiative.com/blog/2021/10/2…

We had a lot of fun handing out our first-ever #Vanguard Awards. If you couldn't be there, we've updated our blog with all the winners. Check it out at zerodayinitiative.com/blog/2024/8/1/…

#Target Data Breach: Understand & Detect #Kaptoxa POS Malware - securityintelligence.com/target-data-br… #malware #retail #pos #datasecurity #ibmxforce

Diving Into IE 10’s Enhanced Protected Mode Sandbox at #BHASIA 2014 - securityintelligence.com/ie-10-enhanced… // #IBMXForce

A Peek into IE 10’s Enhanced Protected Mode Sandbox - securityintelligence.com/internet-explo… via IBM X-Force #ibmxforce #IE10

.Mark Vincent Yason discusses the attack surface of Microsoft's new #Windows10 EdgeHTML rendering engine -- #BHUSA Briefing ow.ly/N9hZM