A group of researchers has found 42 zero-day flaws in a range of software tools using a new take on an old concept called fuzzing. Instead of analysing a program's structure, the researchers created a map of the input file structure. This map describes the file format and shows where different parts (chunks) of the file begin and end along with how each chunk differs from others. It then uses these to feel its way through the program, increasing its coverage by exploring variants on interesting files that can expose more bugs.
Source: https://nakedsecurity.sophos.com/2018/12/03/faster-fuzzing-ferrets-out-42-fresh-zero-day-flaws/
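The chunk map described above, as an added example that is not the researchers' tool: it maps a file into typed chunks with start and end offsets, then mutates whole chunks so the variants stay structurally valid for testing your own parser. The tag/length/payload layout, the sample inputs and all function names are assumptions constructed for illustration.

```python
import random
import struct

def chunk(tag, payload):
    """Build one chunk: 4-byte tag, 4-byte little-endian length, payload."""
    return tag + struct.pack("<I", len(payload)) + payload

def chunk_map(data):
    """Map the input: (tag, start, end) for each well-formed chunk."""
    cmap, pos = [], 0
    while pos + 8 <= len(data):
        tag = data[pos:pos + 4]
        (size,) = struct.unpack_from("<I", data, pos + 4)
        end = pos + 8 + size
        if end > len(data):  # length field overruns the file: stop mapping
            break
        cmap.append((tag, pos, end))
        pos = end
    return cmap

def delete_chunk(data, cmap, i):
    _, start, end = cmap[i]
    return data[:start] + data[end:]

def duplicate_chunk(data, cmap, i):
    _, start, end = cmap[i]
    return data[:end] + data[start:end] + data[end:]

def splice_chunk(data, cmap, i, donor):
    """Swap chunk i for the first chunk of the same type found in donor."""
    tag, start, end = cmap[i]
    for dtag, dstart, dend in chunk_map(donor):
        if dtag == tag:
            return data[:start] + donor[dstart:dend] + data[end:]
    return data  # donor has no chunk of this type

def mutate(data, donor, seed):
    """Apply one randomly chosen chunk-level mutation (deterministic per seed)."""
    rng = random.Random(seed)
    cmap = chunk_map(data)
    if not cmap:
        return data
    i = rng.randrange(len(cmap))
    op = rng.choice((delete_chunk, duplicate_chunk, splice_chunk))
    return op(data, cmap, i, donor) if op is splice_chunk else op(data, cmap, i)

# Constructed sample inputs, not real file formats.
SEED_A = chunk(b"HEAD", b"\x01\x00") + chunk(b"DATA", b"hello") + chunk(b"TAIL", b"")
SEED_B = chunk(b"HEAD", b"\x02\x00") + chunk(b"DATA", b"a longer payload")
```

Because every operation moves whole chunks, each length field still matches its payload, which is what lets such variants get past the parser's early format checks and into deeper code.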