Updated:06:15 PM EST Nov 13


this is ggmania.com subsite A critical Adobe Flash Player zero-day vulnerability - TechAmok

A critical Adobe Flash Player zero-day vulnerability - [security]
02:06 PM EST - Feb,03 2018 - post a comment

Adobe's Flash Player has been the cause of security concerns over the past few years with lots of attackers targeting the particular software. A few months ago, Kaspersky Lab discovered a Flash vulnerability through Microsoft Word, and in February 2017, even Microsoft was forced to release a critical security update for Flash on Windows, separate from its Patch Tuesday schedule. Now, another zero-day vulnerability has been discovered in the software, which allows Remote Code Execution (RCE) on various platforms. According to Adobe, it is already being utilized against Windows users on a limited scale. The latest security issue has been discovered by South Korea's CERT and has been reported in detail by Cisco Systems' Talos group. According to the security researchers, the exploit is carried out by embedding a Flash SWF file in a Microsoft Excel document. In the limited number of attacks carried out using this vulnerability so far, opening this document allows the Flash object to download the ROKRAT payload from malicious websites, load it into the memory and execute it. ROKRAT is a Remote Administration Tool that is used in cloud platforms to procure documents. According to Talos, a group named "Group 123" is the perpetrator of ROKRAT, but this is the first time that it has utilized a zero-day vulnerability. The security researchers go on to say that:
Group 123 have now joined some of the criminal elite with this latest payload of ROKRAT. They have used an Adobe Flash 0 day which was outside of their previous capabilities - they did use exploits in previous campaigns but never a net new exploit as they have done now. This change represents a major shift in Group 123s maturity level, we can now confidentially assess Group 123 has a highly skilled, highly motivated and highly sophisticated group. Whilst Talos do not have any victim information related to this campaign we suspect the victim has been a very specific and high value target. Utilizing a brand new exploit, previously not seen in the wild, displays they were very determined to ensure their attack worked.


Add your comment (free registrationrequired)

Short overview of recent news articles

Nov,13 2018 NVIDIA GeForce 416.94 WHQL Drivers
Nov,13 2018 Windows 10 October Update Version 1809 re-released
Nov,13 2018 Intel i9-9980XE: Disappointing Overclocker, But Good Stock
Nov,13 2018 Apple Rolls Out iPhone X Display Replacement Program
Nov,13 2018 Intel Shows Off Its 5G Modem, Bound for Phones, PCs and More
Nov,13 2018 Eiza Gonzalez Is An Amazing Talent!
Nov,13 2018 Emily Ratajkowski In A Bikini Will Mess Your Brain
Nov,12 2018 Stan Lee Has Passed Away at the Age of 95
Nov,12 2018 Steam Bug Allowed Games to be Downloaded for Free
Nov,12 2018 Xbox Black Friday Deals Include Console Price Drop
Nov,11 2018 Mr Bean in Room 426 - Episode 8
Nov,11 2018 Samsung will release over 1 million foldable phones in the first
Nov,11 2018 This Trick Won The Magic World Championships
Nov,10 2018 Intel Core i9-9900K Re-Reviewed, 95-Watt TDP Results
Nov,10 2018 Apple BANS third parties from selling refurb Macbooks on Amazon
Nov,09 2018 LIKE A BOSS COMPILATION #26 AMAZING Videos 7 MINUTES
Nov,09 2018 Amazon Will Sell New Apple iPhones, iPads, and More
Nov,09 2018 Samsung Is Bringing the Linux Environment to Smartphones
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.01secs