› Forums › General › General Discussion › Windows Security › Yet another 0-day exploit in Adobe Flash Player…..
- This topic has 3 replies, 2 voices, and was last updated 9 years, 2 months ago by Anonymous.
- AuthorPosts
-
- 3rd February 2015 at 20:04 #44914
Yet another 0-day exploit in Adobe Flash Player…..
“Trend Micro Discovers New Adobe Flash Zero-Day Exploit Used in Malvertisements
Our researchers have discovered a new zero-day exploit in Adobe Flash used in malvertisement attacks.
The exploit affects the most recent version of Adobe Flash, and is now identified as CVE-2015-0313.
Our initial analysis suggests that this might have been executed through the use of the Angler Exploit Kit,
due to similarities in obfuscation techniques and infection chains.
According to our data, visitors of the popular site dailymotion.com were redirected to a series of sites that eventually led to the URL “hxxp://www.retilio.com/skillt.swf”, where the exploit itself was hosted.
It is important to note that infection happens automatically, since advertisements are designed to load once a user visits a site.
It is likely that this was not limited to the Dailymotion website alone,
since the infection was triggered from the advertising platform and not the website content itself.
Trend Micro detects this exploit as SWF_EXPLOIT.MJST and blocks the URL mentioned above.
The ads from this particular infection chain appear to be down as of this writing.We have been monitoring this attack since January 14,
and saw a spike in the hits to the IP related to the malicious URL around January 27.
According to data from the Trend Micro™ Smart Protection Network™, most of the users who accessed the malicious server related to the attack are from the United States.
“Security Advisory for Adobe Flash Player
Release date: February 2, 2015
Vulnerability identifier: APSA15-02
CVE number: CVE-2015-0313
Platform: All PlatformsSummary
A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh.
Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.
We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.Adobe expects to release an update for Flash Player during the week of February 2.
For more information on updating Flash Player please refer to this post.
“
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html - 6th February 2015 at 15:34 #61146Anonymous
Adobe has released an update (16.0.0.305) now, it has been available for hours.
But for some odd reason it´s still not available for direct-download !?
You have to download it from their Player Download CenterThis is very annoying, forcing people to download from their download-center,
just so they can trick people into installing unnessecary software. 🙁Note: be careful, because they try to get you to install the “McAfee Security Scan Plus utility”,
which you do not need in order to update Adobe Flash Player.
Unless you really want it, make sure that you uncheck that option.Or you can wait until Adobe wakes up and releases the update for direct-download…
Direct-download
ADOBE FLASH PLAYER, FIREFOX, OPERA AND OTHER BROWSERS
ADOBE FLASH PLAYER, INTERNET EXPLORER
All this makes you look for the day when Adobe Flash Player is dead, and you don´t need it anymore…. 😉
More info: viewtopic.php?f=57&t=2884 - 6th February 2015 at 18:25 #61147Anonymous
The update is now available for direct-download:
- 6th February 2015 at 18:25 #61156Anonymous
The update is now available for direct-download:
- AuthorPosts
- You must be logged in to reply to this topic.