Friday, December 8, 2023

Adobe Issues Patch for Critical Flash Player Zero-day Vulnerability : Its Time to Update

Adobe has released patches for critical zero-day vulnerabilities in Adobe Flash Player
29.0.0.171 and earlier versions. The updates released for Windows, macOS, Linux and Chrome OS.

The vulnerability, tracked as CVE-2018-5002 was reported by various security firms ICEBRG, Qihoo 360 and Tencent earlier this week. The arbitrary code execution vulnerability resides with the version of Adobe Flash Player 29.0.0.171 and it can be fixed with Adobe Flash Player 30.0.0.113.

Adobe Flash Zero-day Exploited By Attackers

Attackers exploit the vulnerability with a crafted Microsoft Office document “salary.xlsx” to download and execute the flash exploit to victim computers. The attack primarily targets the users and organizations in the middle east.

Adobe Flash Zero-day

Attackers use to embed the flash file remotely to the Office documents through the ActiveX control and the exploit code is delivered by the remote server.

The attack starts by downloading and executing a remote Shockwave Flash (SWF) file and to evade detection in the SWF includes an RSA+AES cryptosystem.

Adobe Flash Zero-day

In the second stage of attack is to download and execute the shell file through the cryptosystem to gain control over the machine and to download additional tools.

Data transfer between the client and server protected by a customized cryptosystem “leveraging a symmetric cipher (AES), that protects the data payload and an asymmetric cipher (RSA) to protect the symmetric key.”

Also Read Adobe Released Security Updates for Adobe Acrobat ,Reader and Photoshop CC : Its Time to Update

The domain for C&C servers registered by attackers mimicking a job search site in the Middle East [people[.]doha****.[]com] and the domain was registered on 2018-02-18.

Adobe fixed the Vulnerability CVE-2018-5002 along with other vulnerabilities CVE-2018-4945 (Arbitrary Code Execution), CVE-2018-5000 (Information Disclosure), CVE-2018-5001 (Information Disclosure), CVE-2018-5002 (Arbitrary Code Execution).

If you are flash users it is highly recommended to update with Adobe Flash Player 30.0.0.113 which includes a fix for all the vulnerabilities.

Website

Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles