Adobe Fixes Flash 0-Day Exploited in the Wild by North Korean Hackers


After researchers and authorities warned about an Adobe Flash Player vulnerability being exploited in the wild, the vendor recently promised to release a patch. Adobe Flash Player version 28.0.0.161 has now been released to fix the issues exploited by the attackers in version 28.0.0.137 and earlier.

In its updated advisory, Adobe said that the company is “aware of an investigation that the exploit for CVE-2018-4878 exists in the wild, and is also utilized in limited, targeted attacks against Windows users.” The attack, which was reported in an earlier piece, leverages Office documents with embedded malicious Flash content distributed via email. Alongside CVE-2018-4878, the latest release also fixes CVE-2018-4877. Both are rated critical and may enable attackers to execute code remotely. The latter was reported to Adobe by bo13oy of Qihoo 360 through Trend Micro's Zero Day Initiative (ZDI). Adobe believes this vulnerability has not been used in any known attacks.


Flash bug was reported by South Korean authorities and researchers

Last week, the South Korean Computer Emergency Response Team (KR-CERT) issued a warning about targeted attacks exploiting a then-undisclosed Flash Player zero-day vulnerability. In the warning, KR-CERT said that an “attacker would very likely be able to convince a user to spread out a Microsoft 'Office' document, website, or spam mail containing a Flash file.”

South Korean researchers claimed that North Korean threat actors have been exploiting this Flash Player zero-day since mid-November 2017, primarily targeting South Korean researchers focused on North Korea.

FireEye later also said that, based on IP addresses used to access command and control (C&C) servers, it is likely that the attackers are in North Korea. “Much of their targeting is South Korea focused, individuals government, military, and defense industrial base and various other industry,” FireEye wrote. “They have also taken a desire for predictable North Korean interests, for instance unification efforts and defectors.”

Source: Adobe
