Flash Player vulnerabilities are pretty much one of the most common issues that everyone who uses a web browser faces. A recent attack via custom crafted e-mails with malicious attachments infected Adobe Flash Player on Internet Explorer for Windows platforms and targeted defense-related businesses. Alarming as it is, any intrusion on the line of this industry may not only expose trade secrets, but also place nations’ welfare and physical and virtual security at high risk. But, Adobe was relatively quick to respond and released a security bulletin to rebuild the confidence of the users in the system and updated Flash Player version.
Affected versions of the recent attacks include Adobe Flash Player 22.214.171.124 and earlier versions for Windows, Macintosh and Linux operating systems and Adobe Flash Player 126.96.36.199 and earlier versions for Android 4.x, and Adobe Flash Player 188.8.131.52 and earlier versions for Android 3.x and 2.x. In a Symantec blog post, the security giant provided details on the attacks and how these are aimed at the manufacturers of products used by the defense industry: “The malicious documents contain an embedded reference to a malicious Flash file hosted on a remote server. When the Flash file is acquired and opened, it sprays the heap with shellcode and triggers the CVE-2012-0779 exploit. Once the shellcode gains control, it looks for the payload in the original document, decrypts it, drops it to disk, and executes it.”
SecurityWeek also noted a statement from the cloud, virtual and mobile security solutions provider: “The malware authors created several junk documents for such display. Some used scraps of information from public press releases and some were written with the pretext of inviting the recipient to conferences. Others contained random data.”
Adobe recommends existing users of Adobe Flash Player 184.108.40.206 and earlier versions for Windows, Macintosh and Linux to update to Adobe Flash Player 220.127.116.11. Users of Adobe Flash Player 18.104.22.168 and earlier versions on Android 4.x devices are advised to upgrade to Adobe Flash Player 22.214.171.124. Users of Adobe Flash Player 126.96.36.199 and update earlier versions for Android 3.x and earlier versions should to Flash Player 188.8.131.52. Google Chrome was updated automatically, thus, no user action is deemed critical.
This was not the first time that Adobe had to firefight a security concern. It was in December of the previous year when researchers at the Lockheed Martin Computer Incident Response Team (CRT) and members of the Defense Security Information Exchange discovered that a number of Adobe products are being exploited by hackers. Engineers at Adobe were quick to respond and promised resolution within a week’s time. It was also the same time when Symantec confirmed an attack of Trojan Sykipot against defense contractors. Together with other companies, defense contractors also phishing attempts circulating using maliciously coded e-mails containing infected PDF documents.
Adobe launched an improved Flash Player in February but insecurities are reported to still be existing and threatening the system once aggravated of fueled by malicious attacks. Just recently, Microsoft patched a zero-day flaw in Hotmail.