Palo Alto Networks Discovers Two Adobe Reader Privileged JavaScript Zero-Days

We recently discovered two zero-day vulnerabilities in Adobe Reader. Adobe has since released a patch (on October 6, 2016) to fix these vulnerabilities, which are named CVE-2016-6957 and CVE-2016-6958. These vulnerabilities could allow an attacker to compromise Adobe Reader by bypassing restrictions on JavaScript API execution (CVE-2016-6957) and security provisions that prevent arbitrary execution of

Palo Alto Networks Researchers Discover Two Critical Internet Explorer Vulnerabilities

Palo Alto Networks researchers discovered two new critical Internet Explorer (IE) vulnerabilities affecting IE versions 9, 10, and 11. Both are included in Microsoft’s July 2016 Security Bulletin, and documented in Microsoft Security Bulletin MS16-084. In our continued commitment to the security research community, these vulnerabilities were disclosed to Microsoft through our participation in the Microsoft Active Protections Program

Palo Alto Networks Researchers Discover Critical IE Vulnerabilities

Palo Alto Networks researchers Tongbo Luo and Hui Gao were credited with the discoveries of new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9, 10 and 11 on affected Windows clients. These vulnerabilities are documented in Microsoft Security Bulletin MS15-106 and MS15-112.

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Palo Alto Networks researcher Hui Gao was credited with the discovery of a new critical Microsoft vulnerability affecting Internet Explorer (IE) versions 9, 10 and 11. This vulnerability is covered in Microsoft’s March 2016 Security Bulletin and documented in Microsoft Security Bulletin MS16-023.

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Internet Explorer and Microsoft Edge

Palo Alto Networks researchers Bo Qu and Hui Gao were credited with the discovery of three new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9, 10 and 11 and Microsoft Edge. These vulnerabilities are covered in Microsoft’s December 2015 Security Bulletin and documented in Microsoft Security Bulletins MS15-125 and MS15-124. 

Palo Alto Networks Researcher Discovers Critical Vulnerabilities in Internet Explorer and Microsoft Edge

Palo Alto Networks researcher Bo Qu was credited with discovery of six new critical Microsoft vulnerabilities affecting Internet Explorer (IE) versions 7, 8, 9, 10 and 11 and Microsoft Edge. These vulnerabilities are covered in Microsoft’s November 2015 Security Bulletin and documented in Microsoft Security Bulletins MS15-112 and MS15-113. In our continuing commitment to the security

Palo Alto Networks Researcher Discovers Critical IE Vulnerability

Palo Alto Networks researcher Hui Gao was credited with discovery of a new critical Internet Explorer (IE) vulnerability affecting IE versions 6, 7, 8, 9, 10 and 11. CVE-2015-2548 is included in Microsoft’s October 2015 Security Bulletin and documented in Microsoft Security Bulletin MS15-109.

Palo Alto Networks Researchers Discover Critical Vulnerabilities in Internet Explorer and Adobe Shockwave Player

Palo Alto Networks researchers have been credited with discovery of new vulnerabilities affecting Adobe Shockwave Player and Microsoft Internet Explorer. Palo Alto Networks researcher Tongbo Luo discovered a critical vulnerability in Adobe Shockwave Player affecting Shockwave versions 12.1.9.160 and earlier for Windows. The vulnerability and upgrade instructions are detailed by Adobe in a Security Bulletin