Beware!! New Zero-day Vulnerability Found in Adobe Flash Player – Still No Patches Available

Adobe Flash Player now suffering from brand New Zero-day vulnerability with high severity rate and researchers believes that it cause a Severe impact on ActiveX Support browsers which leads to compromise the Windows PC.

Zero-day vulnerabilities are referred to attacks on vulnerabilities that have not been patched or made public.

This critical Zero-day vulnerability is presenting in current Adobe Flash Player ActiveX 28.0.0.137 and earlier versions.

In this case, this major Zero-day flaw mainly spreading via Microsoft office document or spam mail that contain a Malicious flash file.

South Koren Cyber Emergency Response Team(KR-CERT) Released Emergency notes that says, “This vulnerability only on user’s who all are using Internet Explorer (IE) be influenced chrome (chrome) until a patch is available using Firefox (FireFox) is recommended”

Security Researcher from Hauri, Inc.said, “Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea.”

Adobe users have to beware of this severe Zero-day Until Adobe releases the security patch for this Vulnerability.

Also Read: Security Bug Affected 300,000 Oracle Point of Sale Systems Puts the Critical Business Data at Risk

Temporary Mitigation for this Zero-day Vulnerability

  • Remove the flash player from computer Until Adobe releases a security patch for the vulnerability.
  • do not trust the website Scion visits and the source does not open an unknown email attachment viewing prohibited and links
  • keep the latest updates of antivirus programs, and enable real-time monitoring
  • Use Firefox  until a patch is available
Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of…

6 hours ago

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…

15 hours ago

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…

16 hours ago

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…

19 hours ago

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

20 hours ago

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term…

21 hours ago