Monday, December 4, 2023

Adobe Issues Patch for Critical Flash Player Zero-day Vulnerability : Its Time to Update

Adobe has released patches for critical zero-day vulnerabilities in Adobe Flash Player and earlier versions. The updates released for Windows, macOS, Linux and Chrome OS.

The vulnerability, tracked as CVE-2018-5002 was reported by various security firms ICEBRG, Qihoo 360 and Tencent earlier this week. The arbitrary code execution vulnerability resides with the version of Adobe Flash Player and it can be fixed with Adobe Flash Player

Adobe Flash Zero-day Exploited By Attackers

Attackers exploit the vulnerability with a crafted Microsoft Office document “salary.xlsx” to download and execute the flash exploit to victim computers. The attack primarily targets the users and organizations in the middle east.

Adobe Flash Zero-day

Attackers use to embed the flash file remotely to the Office documents through the ActiveX control and the exploit code is delivered by the remote server.

The attack starts by downloading and executing a remote Shockwave Flash (SWF) file and to evade detection in the SWF includes an RSA+AES cryptosystem.

Adobe Flash Zero-day

In the second stage of attack is to download and execute the shell file through the cryptosystem to gain control over the machine and to download additional tools.

Data transfer between the client and server protected by a customized cryptosystem “leveraging a symmetric cipher (AES), that protects the data payload and an asymmetric cipher (RSA) to protect the symmetric key.”

Also Read Adobe Released Security Updates for Adobe Acrobat ,Reader and Photoshop CC : Its Time to Update

The domain for C&C servers registered by attackers mimicking a job search site in the Middle East [people[.]doha****.[]com] and the domain was registered on 2018-02-18.

Adobe fixed the Vulnerability CVE-2018-5002 along with other vulnerabilities CVE-2018-4945 (Arbitrary Code Execution), CVE-2018-5000 (Information Disclosure), CVE-2018-5001 (Information Disclosure), CVE-2018-5002 (Arbitrary Code Execution).

If you are flash users it is highly recommended to update with Adobe Flash Player which includes a fix for all the vulnerabilities.


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles