After adobe flash’s June patch, we noticed that adobe has introduced a new exploit mitigation technique in the latest flash player, which is the Memory Protector. This new mitigation is aimed to fight against UAF exploits.
Memory protector mitigation for UAF exploit is not a brand-new technique, we had already seen this technique being used in Microsoft’s Internet Explorer as well as the Edge Browser. These years we have seen many flash use-after-free zero days exploited in the wild. We also used 3 UAF 0days in our chrome and flash exploits in this year’s pwn2own contest. So we are not surprised to see that adobe finally decided to add this technique into flash player to fight against flash use-after-free exploits.