A new critical Adobe Flash Player zero-day vulnerability has been reported in the wild. The vulnerability, identified as CVE-2018-4878, is currently believed to be under active exploitation against South Koreans. According to the South Korean Computer Emergency Response Team, which discovered the zero-day, the exploit is believed to be a Flash SWF file embedded in MS Word documents. An attacker only needs to convince a user to open a Microsoft Office document, web page, or spam mail containing the Flash file to take complete control of the underlying system.

Adobe has released an advisory (APSA18-01) acknowledging the existence of this critical vulnerability. According to Adobe:

"Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. These attacks leverage Office documents with embedded malicious Flash content distributed via email. Adobe will address this vulnerability in a release planned for the week of February 5."


Affected versions of Adobe Flash Player:

  • Flash Player versions 28.0.0.137 and earlier for Windows, Macintosh, and Linux.
  • Flash Player version 28.0.0.137 and earlier for Adobe Flash Player for Google Chrome.
  • Flash Player version 28.0.0.137 and earlier for Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 and Windows 8.1.

Recommendation:

    Until Adobe releases a security patch for the vulnerability, the following temporary measures can be employed:

    • Implement Protected View for Office. Protected View opens a file marked as potentially unsafe in read-only mode.
    • Change Flash Player’s behavior prompting the user before playing SWF content.
    • Remove Adobe Flash Player if not required.
    • Do not open unknown email attachments, links, Office documents, etc.
    • Do not download anything from unknown sources or sites.
    • Always use the latest updates of antivirus programs, and enable real-time monitoring.
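
A triage check for the delivery method described above (Flash content embedded in Office documents), as an added example that is not from the original article, Adobe or SecPod: it flags the Shockwave Flash ActiveX CLSID and SWF file headers inside a document. The function names, the size cap and the sample document are assumptions constructed for illustration.

```python
import io, re, struct, zipfile

# CLSID of the Shockwave Flash ActiveX control, textual and binary (OLE) forms.
FLASH_CLSID = b"D27CDB6E-AE6D-11CF-96B8-444553540000"
FLASH_CLSID_BIN = bytes.fromhex("6EDB7CD26DAECF1196B8444553540000")
# SWF header: FWS/CWS/ZWS signature, 1-byte version, 4-byte little-endian length.
SWF_HEADER = re.compile(rb"[FCZ]WS[\x01-\x32](.{4})", re.DOTALL)
MAX_PART = 32 * 1024 * 1024  # assumed cap so a zip bomb is not fully inflated

def find_swf(data):
    """Offsets of plausible SWF headers in data (heuristic, can false-positive)."""
    return [m.start() for m in SWF_HEADER.finditer(data)
            if struct.unpack("<I", m.group(1))[0] >= 8]  # header alone is 8 bytes

def scan_document(raw):
    """Return (part, finding) tuples for Flash indicators in an Office file."""
    if zipfile.is_zipfile(io.BytesIO(raw)):  # OOXML: .docx/.xlsx/.pptx
        with zipfile.ZipFile(io.BytesIO(raw)) as z:
            parts = [(i.filename, z.read(i)) for i in z.infolist()
                     if i.file_size <= MAX_PART]
    else:  # legacy OLE (.doc) or anything else: scan the raw bytes
        parts = [("<file>", raw)]
    findings = []
    for name, data in parts:
        if FLASH_CLSID in data.upper() or FLASH_CLSID_BIN in data:
            findings.append((name, "flash-activex-clsid"))
        findings += [(name, "swf-header@%d" % off) for off in find_swf(data)]
    return findings

def sample_docx(with_flash):
    """Constructed sample: a zip laid out like a .docx, with an inert SWF header."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("word/document.xml", "<w:document/>")
        if with_flash:
            z.writestr("word/activeX/activeX1.xml",
                       '<ax:ocx ax:classid="{D27CDB6E-AE6D-11cf-96B8-444553540000}"/>')
            z.writestr("word/activeX/activeX1.bin",
                       b"\x00" * 16 + b"CWS\x0a" + struct.pack("<I", 64))
    return buf.getvalue()

if __name__ == "__main__":
    for label, doc in (("clean", sample_docx(False)), ("flash", sample_docx(True))):
        print(label, scan_document(doc))
```

A hit means the document carries Flash content, not that it exploits CVE-2018-4878; treat it as a reason to quarantine the attachment and inspect it.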

    SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates (as soon as patches are available). Download Saner now and keep your systems updated and secure.


    Article Name: Alert: Adobe Flash Zero-Day RCE Vulnerability
    Publisher Name: SecPod Technologies
