Microsoft recently neutralized a double zero-day exploit

Home » Microsoft

Reading time icon 1 min. read

Calendar icon Published on

by Pradeep Viswav 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

On Monday, Microsoft provided details on how they collaborated with ESET and Adobe security researchers to find and neutralize a double zero-day exploit before an attacker had a chance to use it. This particular exploit affected both Adobe products (Acrobat and Reader) and Microsoft products (Windows 7 and Windows Server 2008).

The first exploit attacks the Adobe JavaScript engine to run shellcode in the context of that module. The second exploit, which does not affect modern platforms like Windows 10, allows the shellcode to escape Adobe Reader sandbox and run with elevated privileges from Windows kernel memory.

Microsoft and Adobe have already released security updates for these exploits, you can learn more about them from the links below.

If you are interested in learning more about the exploit process, hit the source link below.

Source: Microsoft

Pradeep Viswav

Pradeep Viswav Shield

Software and Services Expert

Pradeep is a Computer Science and Engineering Graduate. He was also a Microsoft Student Partner. He is currently working in a leading IT company.

User forum

0 messages