Microsoft Security Tool Mitigates Adobe Zero-Day Vulnerability
Microsoft and Adobe Systems say Microsoft's Enhanced Mitigation Experience Toolkit 2.0 can help protect users against attackers targeting a bug in Adobe Reader and Acrobat.Adobe Reader and Acrobat users on Windows machines now have a potential shield available to protect them from attackers targeting a zero-day vulnerability. Microsoft and Adobe Systems announced Sept. 10 that the latest edition of Microsoft's Enhanced Mitigation Experience Toolkit can be used to block attacks. The announcement followed reports that an exploit currently in the wild can bypass Microsoft's data execution prevention feature using a technique known as ROP (return-oriented programming).
"Normally Address Space Layout Randomization (ASLR) would help prevent successful exploitation," said a post on Microsoft's Security Research & Defense blog. "However, this product ships with a DLL (icucnv36.dll) that doesn't have ASLR turned on. Without ASLR, this DLL is always going to be loaded at a predictable address and can be leverage by an exploit."