South Korea's Computer Emergency Response Team (KR-CERT) issued an alarm Midweek for a novel Flash Player zero-day vulnerability that's beingness actively exploited inward the wild past times North Korean hackers to target Windows users inward South Korea.
Simon Choi of South Korea-based cybersecurity theater Hauri get-go reported the stimulate on Twitter, proverb the North Korean hackers possess got been using the Flash zero-day against South Koreans since mid-November 2017.
Although Choi did non percentage whatever malware sample or details almost the vulnerability, the researcher said the attacks using the novel Flash zero-day is aimed at South Korean individuals who focus on researching North Korea.
Adobe too released an advisory on Wednesday, which said the zero-day is exploiting a critical 'use-after-free' vulnerability (CVE-2018-4878) inward its Flash media software that leads to remote code execution.
- Desktop Runtime (Win/Mac/Linux)
- Google Chrome (Win/Mac/Linux/Chrome OS)
- Microsoft Edge in addition to Internet Explorer eleven (Win 10 & 8.1)
"Adobe is aware of a written report that an exploit for CVE-2018-4878 exists inward the wild, in addition to is beingness used inward limited, targeted attacks against Windows users," the advisory said. "These attacks leverage Office documents amongst embedded malicious Flash content distributed via email. Adobe volition address this vulnerability inward a release planned for the calendar week of Feb 5."
To exploit the vulnerability, all an assailant necessitate to practise is trace a fast 1 on victims into opening Microsoft Office documents, spider web pages, or spam messages that incorporate a maliciously crafted Adobe Flash file.
The vulnerability tin endure leveraged past times hackers to accept command of an affected computer.
Choi too posted a screenshot to exhibit that the Flash Player zero-day exploit has been delivered via malicious Microsoft Excel files.
Adobe said inward its advisory that the society has planned to address this vulnerability inward a "release planned for the calendar week of Feb 5," through KR-CERT advises users to disable or completely take away the buggy software.
Share This :
comment 0 Comments
more_vert