We should not worry because there are security holes in our equipment, although it is evidence that they exist. Many of them have not been exploited yet, hence so much effort and resources are spent to detect and patch them as soon as possible. On the stage of Black Hat Asia This year, a conference that took place in Singapore focused on computer security, a tool has been presented that has discovered 134 security holes in two of the most used programs in the world.
Some of these holes are dangerous
This tool, called “Cooper”, has proven to be quite efficient when it comes to its operation. All these security flaws have been discovered by her, although it should be noted that the 134 are not as dangerous. Of all this amount, there is a total of 59 that the developers of both software have considered worth fixing; 33 who have been assigned a CVE number, and 17 who have even been given a “reward” that will be taken by the one or those who manage to solve it.
This code, in the words of Xu Peng and the rest of his contributors, “is prone to inconsistent semantics and security holes, leading to serious vulnerabilities.” As we have told you a little above, not all of these security flaws are equally serious, but, for example, we have two of them (CVE-2021-21028 and CVE-2021-21035) that are very important and have been dice a score of 8.8 out of 10 in Acrobat.
A tool that can give a lot to talk about
The development of “Cooper” This is great news for computer security.. It has been developed by Xu Peng and Professor Purui Su, both from the Chinese Academy of Sciences, security researcher Yanhao Wang from the QI-ANXIN Institute of Technology Research, and Hong Hu, an assistant professor from Pennsylvania State University.
The tool itself is a set of scripts that manages to infer in the process by which some scripts or applications can produce unwanted and/or dangerous behavior. Their creators They have made it available to everyone for free.so if you are curious to know more about it, all you have to do is go to its website on GitHub.