/?pid=19399

Updated:09:26 AM EST Nov 29
this is ggmania.com subsite

NEWS
rss feed 
 
top 100
archive
ARTICLES
CD/DVD tools
Free Antivir
Security
Drivers
Utilities
FORUMS
LINKS


(C) 2006-2025 TechAmok Independent
All Rights Reserved.


 
 A critical Adobe Flash Player zero-day vulnerability - TechAmok

A critical Adobe Flash Player zero-day vulnerability - [security]
02:06 PM EST - Feb,03 2018 - post a comment

Adobe's Flash Player has been the cause of security concerns over the past few years with lots of attackers targeting the particular software. A few months ago, Kaspersky Lab discovered a Flash vulnerability through Microsoft Word, and in February 2017, even Microsoft was forced to release a critical security update for Flash on Windows, separate from its Patch Tuesday schedule. Now, another zero-day vulnerability has been discovered in the software, which allows Remote Code Execution (RCE) on various platforms. According to Adobe, it is already being utilized against Windows users on a limited scale. The latest security issue has been discovered by South Korea's CERT and has been reported in detail by Cisco Systems' Talos group. According to the security researchers, the exploit is carried out by embedding a Flash SWF file in a Microsoft Excel document. In the limited number of attacks carried out using this vulnerability so far, opening this document allows the Flash object to download the ROKRAT payload from malicious websites, load it into the memory and execute it. ROKRAT is a Remote Administration Tool that is used in cloud platforms to procure documents. According to Talos, a group named "Group 123" is the perpetrator of ROKRAT, but this is the first time that it has utilized a zero-day vulnerability. The security researchers go on to say that:
Group 123 have now joined some of the criminal elite with this latest payload of ROKRAT. They have used an Adobe Flash 0 day which was outside of their previous capabilities - they did use exploits in previous campaigns but never a net new exploit as they have done now. This change represents a major shift in Group 123s maturity level, we can now confidentially assess Group 123 has a highly skilled, highly motivated and highly sophisticated group. Whilst Talos do not have any victim information related to this campaign we suspect the victim has been a very specific and high value target. Utilizing a brand new exploit, previously not seen in the wild, displays they were very determined to ensure their attack worked.


Add your comment (free registrationrequired)

Short overview of recent news articles

Nov,29 2025 20 TOP ALIEXPRESS products for BLACK FRIDAY
Nov,26 2025 Stop Wasting Money on Premium Monitors
Nov,23 2025 The Blackest Friday - Tech News Nov 23
Nov,23 2025 T-Roc: Will this new VW be the best car of 2026?
Nov,23 2025 Can I build my own Steam Machine?
Nov,22 2025 50 NEXT-LEVEL Gadgets Every Man NEEDS to See
Nov,22 2025 RETURN TO SILENT HILL Trailer (2026)
Nov,20 2025 I was WRONG about the Porsche 911 GT3 (or was I?)
Nov,20 2025 Pi GPT Tool Turns Raspberry Pi into a ChatGPT-Powered Smart Device
Nov,17 2025 Rainbow Six Siege X - Official 'Team Rainbow's Last Mission'
Nov,17 2025 Stranger Things Seasons 1-4 Recap
Nov,16 2025 Kill Bill: The Whole Bloody Affair - Official Trailer (2025) Uma
Nov,15 2025 The Devil Wears Prada 2 - Official Teaser Trailer (2026) Meryl
Nov,15 2025 Valve’s New Console and Controller - STEAM Machine & STEAM
Nov,15 2025 Valve Steam Machine, Desktop SteamOS, Steam Frame VR, & Controller |
Nov,01 2025 Battlefield REDSEC - Official Live-Action Trailer
Nov,01 2025 What's the Best PC Upgrade (besides CPU/GPU)?
Oct,31 2025 Directive 8020 - RTX On Trailer
Oct,30 2025 Stranger Things 5 - Official Trailer
Oct,29 2025 AMD Releases Software Adrenalin Edition 25.10.2 WHQL Drivers
Oct,29 2025 Exploding AMD CPUs | Investigating ASRock's Murderboards
Oct,29 2025 Setting Up Our First Huge Gaming Event was CHAOS
Oct,27 2025 Malware of the Future: What an infected system looks like in 2025
Oct,27 2025 F1: Race Highlights | 2025 Mexico City Grand Prix
Oct,26 2025 F1: Qualifying Highlights | 2025 Mexico City Grand Prix
Oct,25 2025 New Big Windows 11 25H2 October Update - New Taskbar Battery Icons
Oct,25 2025 Apple Prepping 'Transfer to Android' Feature, Including 3rd-Party
Oct,24 2025 HW News - RIP Internet, RAM Prices Skyrocket from AI Demand, Intel
Oct,21 2025 Retro Gaming PC Upgrades go WRONG!
Oct,21 2025 How social media has ruined us - the more time you spend online, the
Oct,20 2025 FERRARI 12 CILINDRI // 340KMH REVIEW on AUTOBAHN
Oct,20 2025 ROG Xbox Ally X - a PC Gamer's Perspective
Oct,20 2025 Race Highlights | 2025 United States Grand Prix
Oct,18 2025 RedMagic Puts Liquid Cooling in its New Gaming Phone
Oct,18 2025 Russia Says U.S. Is Planning a $37 Trillion Crypto Reset
Oct,18 2025 Tor Browser says no to Firefox's AI features as it removes them
Oct,14 2025 NVIDIA GeForce 581.57 WHQL Driver
Oct,13 2025 Samsung One UI 8.5 vs iOS 26 - COMPARISON
Oct,12 2025 Google Turned Down by Supreme Court, Must Open up App Payments
Oct,10 2025 AMD releases new 25.10.1 preview graphics driver with Battlefield 6
>> News Archive <<

TechAmok - Privacy Policy        loading time:0.02secs