06 Feb 2018
Emerging Threat: Adobe Flash Player Zero-Day Vulnerability being exploited
An increasingly sophisticated hacking group is exploiting a zero-day vulnerability in Adobe's Flash Player that allows them to take full control of infected machines.
A zero-day vulnerability is a software vulnerability for which a patch or a fix is not yet available. Hackers can exploit this vulnerability to carry out cyber attacks on the affected systems.
This critical vulnerability is indexed as CVE-2018-4878 and resides in the latest version of the widely installed Flash. Adobe’s most recent Flash Player 28.0.0.137 and earlier versions are impacted.
This critical vulnerability affects Adobe Flash Player version 28.0.0.137 and earlier versions for:
Desktop Runtime (Win/Mac/Linux)
Google Chrome (Win/Mac/Linux/Chrome OS)
Microsoft Edge and Internet Explorer 11 (Win 10 & 8.1)
Adobe plans to patch the issue in an update expected to be released during the week of 5th February 2018.
Technical Details
The zero-day is believed to be a Flash SWF file embedded in MS Word documents. Adobe said the zero-day is exploiting the vulnerability -2018-4878, a critical remote code execution bug. These attacks leverage Office documents with embedded malicious Flash content distributed via email.
To exploit the vulnerability, all an attacker need to do is lure victims into opening Microsoft Office documents, web pages, or spam messages that contain a maliciously crafted Adobe Flash file. The vulnerability can then be leveraged by hackers to take control of an affected computer.
How to Protect Yourself?
- Uninstall Flash if you do not need it.
- Grab and install Adobe’s update as soon as you can. If you uninstalled Flash as a precaution, do not reinstall it until the new version is out.
- Until a patch is distributed, it is recommended that users remove Flash Player, avoid opening suspicious emails, and keep anti-virus programs updated.
- As a best practice, we recommend that users reduce their exposure to vulnerabilities by turning off any plugins or extensions, which they do not use on a regular basis.
- It is recommended that users refrain from using Microsoft’s Internet Explorer browser and use Mozilla’s Firefox browser instead.
- The best way to stay protected right now is to uninstall Flash until a fix becomes available next week.
- Note that just turning off Flash in your browser is not enough – that prevents Flash files embedded in web pages from rendering inside your browser, but does not remove the Flash playing software from your computer as a whole.
More information can be found on the following links:
- https://helpx.adobe.com/security/products/flash-player/apsa18-01.html
- https://thehackernews.com/2018/02/flash-zero-day-exploit.html
- https://nakedsecurity.sophos.com/2018/02/02/adobe-warns-of-flash-zero-day-patch-to-come-next-week/
- https://arstechnica.com/information-technology/2018/02/theres-a-new-adobe-flash-0day-and-up-and-coming-hackers-are-exploiting-it/
- https://www.scmagazine.com/attackers-exploiting-critical-adobe-flash-player-zero-day-bug-no-patch-until-next-week/article/741462/
For more information on the topic and our Cyber Security Solutions & Services, please contact us by mail security@birger.technology.