Tipsglobe Logo Facebook Share Twitter Share Google Share LinkedIn Share StumbleUpon Share

Adobe’s addition of a sandbox called ‘Protected Mode’ into Reader X has put a significant roadblock for malicious hackers. However, it has set up a perfect cat-and-mouse game where attackers are working overtime to bypass the mitigations.

In this talk by Paul Sabanal and Mark Yason from IBM ISS’s X-Force Advanced Research Team, Black Hat attendees will get a deep technical explanation of the implementation details of the Adobe Reader Protected Mode sandbox and the the results of reversing efforts to understand the mechanisms and data structures that make up the sandbox.

The researchers also plan to discuss the limitations and weaknesses of the sandbox and offer possible avenues to achieve privilege escalation. “We will demonstrate how an attacker could leverage the limitations and weaknesses of the Adobe Reader Protected Mode sandbox to carry out information theft or corporate espionage. We will be demonstrating a proof-of-concept information stealing exploit payload bootstrapped by exploiting a publicly known Adobe Reader X vulnerability,” the researchers explained.

Post a Comment Blogger