Beware!! New Zero-day Vulnerability Found in Adobe Flash Player – Still No Patches Available

Adobe Flash Player now suffering from brand New Zero-day vulnerability with high severity rate and researchers believes that it cause a Severe impact on ActiveX Support browsers which leads to compromise the Windows PC.

Zero-day vulnerabilities are referred to attacks on vulnerabilities that have not been patched or made public.

This critical Zero-day vulnerability is presenting in current Adobe Flash Player ActiveX 28.0.0.137 and earlier versions.

In this case, this major Zero-day flaw mainly spreading via Microsoft office document or spam mail that contain a Malicious flash file.

South Koren Cyber Emergency Response Team(KR-CERT) Released Emergency notes that says, “This vulnerability only on user’s who all are using Internet Explorer (IE) be influenced chrome (chrome) until a patch is available using Firefox (FireFox) is recommended”

Security Researcher from Hauri, Inc.said, “Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea.”

Adobe users have to beware of this severe Zero-day Until Adobe releases the security patch for this Vulnerability.

Also Read: Security Bug Affected 300,000 Oracle Point of Sale Systems Puts the Critical Business Data at Risk

Temporary Mitigation for this Zero-day Vulnerability

  • Remove the flash player from computer Until Adobe releases a security patch for the vulnerability.
  • do not trust the website Scion visits and the source does not open an unknown email attachment viewing prohibited and links
  • keep the latest updates of antivirus programs, and enable real-time monitoring
  • Use Firefox  until a patch is available
Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…

5 hours ago

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…

5 hours ago

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…

5 hours ago

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…

5 hours ago

New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine

A security researcher discovered a vulnerability in Windows theme files in the previous year, which…

6 hours ago

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…

6 hours ago