Zero-day flaw affects every version of Adobe’s Flash Player

Attackers can persuade users to open Microsoft Office documents, web pages, and spam emails

Adobe Flash

The South Korean Computer Emergency Response Team (KR-CERT) has issued a security alert warning of a zero-day vulnerability affecting Adobe's Flash Player.

Deployed in the wild, the malicious code is said to affect the latest version of Flash (28.0.0.137) and earlier across all OS platforms, and is said to give attackers the ability to persuade users to open Microsoft Office documents, web pages, and spam emails.

The bug is also believed to come in the form of a Flash SWF file embedded in MS Word documents.

"An attacker can persuade users to open Microsoft Office documents, web pages, spam e-mails, etc. that contain Flash files that distribute the malicious [Flash] code," KR-CERT warned.

Adobe is now recommending that users disable or uninstall Adobe Flash Player from their systems until it issues a patch.

"Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users. We plan to address this in a release scheduled for the week of February 5," Adobe said in its security advisory.

"Beginning with Flash Player 27, administrators have the ability to change Flash Player's behaviour when running on Internet Explorer on Windows 7 and below by prompting the user before playing SWF content."

Adobe recommended that administrators could also consider implementing Protected View for Office to help circumvent hacks as "Protected View opens a file marked as potentially unsafe in Read-only mode".

However, security expert Simon Choi of South Korean cyber firm Hauri, thinks there's much more to it than just your standard homebrew hacking. He tweeted that the zero-day flaw has been made and deployed by North Korean threat actors and used since mid-November 2017.

He added that hackers are using it to try and infect South Koreans researching North Korea.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020
36 billion personal records exposed by hacks in 2020 so far
Security

36 billion personal records exposed by hacks in 2020 so far

29 Oct 2020
Trump website defaced in second successive cyber breach
Security

Trump website defaced in second successive cyber breach

28 Oct 2020

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Politicians need to stop talking about technology
Policy & legislation

Politicians need to stop talking about technology

21 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020