If you have already uninstalled Flash Player, congratulations! But if you did not do it, here’s another good reason to abandon it.
Adobe has released a security patch update for a critical vulnerability in its Flash Player zero-day exploit that is actively exploited in nature by hackers as part of targeted attacks against Windows users.
Discovered independently last week by several security companies, including ICEBRG, Qihoo 360 and Tencent, the zero-day attacks of Adobe Flash Player are aimed primarily at Middle Eastern users using a specially crafted Excel spreadsheet.
“Hackers have carefully created an Office document that remotely loaded the Flash vulnerability: when the document was opened, all the exploit code and the malicious load were delivered via remote servers,” he released the analysis. vulnerability.
The stack-based buffer overflow vulnerability, followed as CVE-2018-5002, affects Adobe Flash Player 22.214.171.124 and earlier versions on Windows, MacOS, and Linux, as well as Adobe Flash Player for Google Chrome and can be exploited to obtain the execution of arbitrary code on targeted systems.
The vulnerability is in the code of the Flash Player zero day exploit interpreter handling static-init methods, which does not correctly handle exceptions for try/catch statements.
“Because Flash assumes that it is impossible to execute the catch block while processing the try catch statement, it does not check the bytecode in the catch block,” the researchers explain. “The attacker uses the getlocal, setlocal statement in the catch block to read and write arbitrary addresses in the stack.”
The registration date of a web domain, which mimics a job search site in the Middle East, used as a command and control server (C & C) for zero-day attacks, suggests that hackers are preparing for the attack since February.
In addition to the hotfix for CVE-2018-5002, Adobe has also implemented security updates for two “major” vulnerabilities, including the integer overflow bug (CVE-2018-5000) and a reading problem (CVE-2018- 5001), which lead to the disclosure of information.
Users are therefore advised to update Adobe Flash Player to versions 126.96.36.199 immediately via their update mechanism in the software or by visiting the Adobe Flash Player Download Center.