Wednesday, January 6, 2016

Exploit Flash Heap Isolation for a chance to “win” $100,000

By on 7:59 PM
Exploit Flash Heap Isolation for a chance to “win” $100,000Exploit Flash Heap Isolation for a chance to “win” $100,000
If you can exploit Adobe’s Heap Isolation mitigation in Flash player version 18.0.0209 – a mechanism deployed to patch the User-After-Free (UAF) vulnerabilities – you’re in for a sweet treat: Zerodium will, in fact, pay you good money.
The startup, founded by Vupen, Chaouki Bekrar’s French-based exploit broker, is committed to buying and sell zero-day vulnerabilities, that are all those undisclosed vulnerabilities latently waiting to be exploited. It recently disbursed $1 Million bounty to a hacker who submitted an untethered exploit (browser-based iOS 9.1/9.2b).
The aforementioned Isolated Heap Mitigation technique is tailored to solve User-After-Free vulnerabilities – memory corruption flaws that allow arbitrary code executions, even remotely. What the Mitigation techniques does is provide an isolated heap – which is, as the name suggests, kept separate from other helps a user can directly access – that prevents precise control of the data, thus eluding the chances for hackers to corrupt memory.
Today Zerodium tweeted “terms and conditions” together with the respective prize that could be won when winning the challenge: $100,000 only available this month for an exploit that can bypass Flash’s Heap Isolation with a sandbox escape, or $65.000 for the same task only this time without a sandbox escape.


Easier said than done? Might be the other way round for all those who thrive in the IT environment and are equally eager and thrilled to get their hands dirty right away. Hope they will appreciate the thrill of it better than the money, for Zerodium will re-sell their non-patentable discoveries for higher amounts.
For all those who will stay out of the “hacker games” and want to eliminate zero-day exploits, it’s advisable to disable or uninstall Adobe Flesh Player altogether. Stay safe. At least, try to.
-Source:Hackread

0 comments:

Post a Comment