{"id":1321,"date":"2013-03-09T09:48:08","date_gmt":"2013-03-09T14:48:08","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=1321"},"modified":"2013-03-09T09:48:08","modified_gmt":"2013-03-09T14:48:08","slug":"adobe-reader-and-flash-exploits-found-at-pwn2own","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/03\/09\/adobe-reader-and-flash-exploits-found-at-pwn2own\/","title":{"rendered":"Adobe Reader and Flash exploits found at Pwn2Own"},"content":{"rendered":"

On Thursday, we reported that security firms had found zero day exploits in three web browsers as part of the Pwn2Own competition. Two exploits were found in Internet Explorer 10 for Windows 8 by the French security company VUPEN.<\/p>\n

<\/a><\/p>\n

Now there’s word that the same company found an bug in Adobe Flash Player that allowed them to take control of the PCs that had Flash installed on their systems. Ars Technica reports that the team won $70,000 as part of the Pwn2Own competition, which is taking place this week as part of the CanSecWest security conference.
\nFlash has not had an easy time of it lately: the program received three security patches in February, two of which were unscheduled releases in order to close exploits that were being used by hackers. We presume that Adobe will be issuing another Flash security update soon.
\nGeorge Hotz, the hacker who gain both fame and infamy for his work in unlocking iPhones and hacking the Playstation 3, went after Adobe’s Reader application as part of the competition and managed to get through the program’s sandbox to take over the PC that had Reader installed. Hotz also picked up $70,000 for his efforts.
\nvia Adobe Reader and Flash exploits found at Pwn2Own – Neowin<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

On Thursday, we reported that security firms had found zero day exploits in three web browsers as part of the […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,9],"tags":[43,341,891],"class_list":["post-1321","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-adobe","tag-exploit","tag-reader"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-lj","jetpack-related-posts":[{"id":8465,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/07\/13\/hacking-teams-arsenal-included-at-least-three-unpatched-exploits-for-flash-player\/","url_meta":{"origin":1321,"position":0},"title":"Hacking Team’s arsenal included at least three unpatched exploits for Flash Player","author":"NCCT","date":"July 13, 2015","format":false,"excerpt":"Recently breached surveillance software maker, Hacking Team, had access to three different exploits for previously unknown vulnerabilities in Flash Player. All of them are now out in the open, putting Internet users at risk. Milan-based Hacking Team develops and sells surveillance software to government agencies from around the world. On\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5916,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/08\/attack-on-dailymotion-redirected-visitors-to-exploits\/","url_meta":{"origin":1321,"position":1},"title":"Attack on Dailymotion redirected visitors to exploits","author":"NCCT","date":"July 8, 2014","format":false,"excerpt":"Attackers injected malicious code into Dailymotion.com, a popular video sharing website, and redirected visitors to Web-based exploits that installed malware. The rogue code consisted of an iframe that appeared on Dailymotion on June 28, researchers from security vendor Symantec said Thursday in a blog post. The iframe redirected browsers to\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7876,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/03\/24\/fully-patched-versions-of-firefox-chrome-ie-11-and-safari-exploited-at-pwn2own-hacking-competition\/","url_meta":{"origin":1321,"position":2},"title":"Fully patched versions of Firefox, Chrome, IE 11 and Safari exploited at Pwn2Own hacking competition","author":"NCCT","date":"March 24, 2015","format":false,"excerpt":"As in years past, the latest patched versions of the most popular web browsers around stood little chance against those competing in the annual Pwn2Own hacking competition. The usual suspects \u2013 Apple Safari, Google Chrome, Mozilla Firefox and Microsoft Internet Explorer \u2013 all went down during the two-day competition, earning\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/V99skqmTyiY\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":8738,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/09\/surprise-adobes-flash-is-a-favorite-hacking-target-by-far\/","url_meta":{"origin":1321,"position":3},"title":"Surprise: Adobe’s Flash is a favorite hacking target by far","author":"NCCT","date":"November 9, 2015","format":false,"excerpt":"Jeremy Kirk | PCWorld Adobe Systems\u2019 Flash plugin gets no love from anyone in the security field these days. A new study released Monday shows just how much it is favored by cybercriminals to sneak their malware onto computers.It looked at more than 100 exploit kits, which are frameworks planted\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7570,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/05\/malicious-advertisements-on-major-sites-compromised-many-many-pcs\/","url_meta":{"origin":1321,"position":4},"title":"Malicious advertisements on major sites compromised many, many PCs","author":"NCCT","date":"February 5, 2015","format":false,"excerpt":"Attackers who have slipped malicious advertisements onto major websites over the last month have potentially compromised large numbers of computers. Several security vendors have documented attacks involving malicious advertisements, which automatically redirect victims to other websites or pages that silently attack their computer and install malware. \u201cWe certainly see malvertising\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8785,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/21\/facebook-becomes-the-latest-company-to-ditch-flash-switches-to-html5-for-all-video\/","url_meta":{"origin":1321,"position":5},"title":"Facebook becomes the latest company to ditch Flash, switches to HTML5 for all video","author":"NCCT","date":"December 21, 2015","format":false,"excerpt":"By Rob Thubron | TechSpot In what may be the final nail in the coffin for Flash, Facebook has now abandoned the technology in favor of HTML5 for all web videos that appear on its News Feed, Pages, and in the embedded Facebook video player. Facebook says it is continuing\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=1321"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/1321\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=1321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=1321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=1321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}