

Adobe Systems Inc. today released an urgent update for Flash after the discovery of a serious security vulnerability that’s being used by a group against targets in Russia.
First detected by cybersecurity firm Gigamon, the vulnerability, dubbed CVE-2018-15982, allows for a maliciously crafted Flash object to execute code on a victim’s computer, enabling the attacker to gain command line access to the given system.
The attack using the vulnerability was first detected Nov. 29 and, surprisingly, was targeting a Russian state healthcare clinic. It was distributed in a Russian-language Microsoft Word document masquerading as an employment application. According to Gigamon, the document contains seven pages of personal questions of the kind that would typically appear in an employment application.
As is usual with spear phishing campaigns, the Word document included malicious code: in this case, an embedded Flash ActiveX control in the header that renders when the document is opened and causes exploitation of the Flash player within Office. “Following exploitation, a malicious command is executed that attempts to extract and execute an accompanying payload,” the Gigamon security researchers explained.
The origin of the attack is unknown, though it did occur only days after Russian warships seized Ukrainian vessels in the Kerch Strait. Gigamon noted that the final payload in the attack is a variant of the Scout malware from notorious Italian spyware vendor Hacking Team.
Although exploitation of the vulnerability has so far been detected only in Russia, the urgency of Adobe’s release of the patch highlights how serious it potentially is.
In a security bulletin, Adobe said the issue affects Adobe Flash Player for Windows, macOS, Linux and Chrome OS, and that the update addresses one critical vulnerability in Adobe Flash Player and another in the Adobe Flash Player installer.
Modern browsers now mostly block Flash content from loading, but many computer users still have the software installed. This vulnerability is independent of browser usage, so it’s recommended that users make sure that their Flash installation is up to date, including this latest security patch.