
Adobe tackles Hacking Team zero-day vulnerability - wglb
http://www.zdnet.com/article/adobe-tackles-hacking-team-zero-day-vulnerability/
======
david_shaw
Adobe tends to catch a lot of flak with regard to security... and a lot of it
is well-deserved. It's nice to see that they saw a problem, and immediately
began work on a fix -- for those people with Flash still enabled, it'll be
nice to have a security hotfix :)

~~~
sarciszewski
An impressive turnaround from "we use 3DES-ECB as a password hashing function"
to "we identified and fixed 0days in our product fast enough to meet a Project
Zero deadline".

------
SchizoDuckie
Flash should have been AFL-Fuzzed (or something similar) a long time ago and
this should have been found proactively. Flash hasn't been on my computer for
ages and I urge you to do the same thing.

~~~
TheCapn
Apologies for straying from the topic at hand, but "Fizzbuzzed"? That's a verb
now? And its meaning is nothing to do with the typical hiring process that
FizzBuzz is popular for?

~~~
SchizoDuckie
Sorry, tech-term-mixup in my brain. I meant AFL-Fuzzed of course.
(http://lcamtuf.coredump.cx/afl/)

~~~
moyix
AFL-Fuzz is great, but it isn't going to find everything. Some things I can
think of that might make finding this difficult with afl-fuzz:

* Flash is a scripting language. It's very hard for a fuzzer with no domain knowledge (like AFL-fuzz) to fuzz language-level constructs, since the vast majority of random inputs are trivially invalid.

* Flash is typically embedded in a larger program like a browser; this makes it much more expensive to test (browsers have long startup times, and are very slow when run under the kind of instrumentation needed to detect things like use-after-free bugs).

Unfortunately there's no silver bullet for finding vulnerabilities...

~~~
SchizoDuckie
While I agree with this, Adobe does have the knowledge and skills to hook a
fuzzer into their Flash source on sandboxes and VMs, and basically let a
fuzzer rip. When you build one of the most installed pieces of software in the
world, you should take that responsibility.

~~~
kodablah
AFL works from the outside (and even accepts certain keywords to "hint" the
fuzzer)...so really anyone could run it against Flash having it generate
SWFs. But it'd probably take a really long time to find anything.

------
Someone1234
There's a typo in the article:

> user-after-free (UAF)

Should be "use-after-free" (no r on use).

Edit: Actually looks like the typo was in the original Trend Micro blog post and
the author just copied the typo into their article 1:1.

