
Bash, smash, trash Flash – earn $100k cash

Exploit men set sights on Adobe heap isolation, proffer fat cheque for those who wreck

Hackers can score US$100,000 from exploit arbitrage outfit Zerodium if they bypass Adobe's latest Flash heap isolation defence.

Hackers will have to craft an exploit that escapes the sandbox to hit the jackpot, because that's more complex than a non-sandbox break, which attracts a $65,000 reward.

It comes less than a month after Adobe announced it is rewriting memory security to allow heap isolation, a feat achieved after a year's worth of collaboration with Google's Project Zero hacking den, and Microsoft.

Adobe principal scientist Peleus Uhley said at the time the heap isolation would help reduce the effectiveness of use-after-free vulnerabilities.

"This project initially started with a Project Zero code contribution to help isolate vectors. Based on the results of that release and discussions with the Microsoft research team, Adobe then expanded that code to cover ByteArrays.

"In last week’s release, Adobe deployed a rewrite of our memory manager to create the foundation for widespread heap isolation which we will build on, going forward. This change will limit the ability for attackers to effectively leverage use-after-free vulnerabilities for exploitation."

The new exploit payment offer might irk Adobe security wonks as any vulnerabilities reported are likely to be offered to Zerodium's clients, and not to Adobe for updating.

Adobe chalked up its expansion of Microsoft’s Control Flow Guard protection as another security feat of 2015.

It also applied the Pepper API for improved sandboxing and tackled integration with the Edge browser's new security tricks.

Uhley said Project Zero was responsible for a third of reported vulnerabilities and labelled the security community "immensely helpful" in identifying holes. ®
