Zero-day flaw affects every version of Adobe’s Flash Player

Attackers can persuade users to open Microsoft Office documents, web pages, and spam emails

Adobe Flash

The South Korean Computer Emergency Response Team (KR-CERT) has issued a security alert warning of a zero-day vulnerability affecting Adobe's Flash Player.

Deployed in the wild, the malicious code is said to affect the latest version of Flash (28.0.0.137) and earlier across all OS platforms, and is said to give attackers the ability to persuade users to open Microsoft Office documents, web pages, and spam emails.

The bug is also believed to come in the form of a Flash SWF file embedded in MS Word documents.

"An attacker can persuade users to open Microsoft Office documents, web pages, spam e-mails, etc. that contain Flash files that distribute the malicious [Flash] code," KR-CERT warned.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Adobe is now recommending that users disable or uninstall Adobe Flash Player from their systems until it issues a patch.

"Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. We plan to address this in a release scheduled for the week of February 5," Adobe said in its security advisory.

"Beginning with Flash Player 27, administrators have the ability to change Flash Player's behaviour when running on Internet Explorer on Windows 7 and below by prompting the user before playing SWF content."

Adobe recommended that administrators could also consider implementing Protected View for Office to help circumvent hacks as "Protected View opens a file marked as potentially unsafe in Read-only mode".

However, security expert Simon Choi of South Korean cyber firm Hauri, thinks there's much more to it than just your standard homebrew hacking. He tweeted that the zero-day flaw has been made and deployed by North Korean threat actors and used since mid-November 2017.

He added that hackers are using it to try and infect South Koreans researching North Korea.

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/business-strategy/mergers-and-acquisitions/354602/xerox-to-nominate-directors-to-hps-board-reports
mergers and acquisitions

Xerox to nominate directors to HP's board – reports

22 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/business-strategy/public-sector/354608/uk-gov-launches-ps300000-sen-edtech-initiative
public sector

UK gov launches £300,000 SEN EdTech initiative

22 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020