Adobe Fixes Flash Zero Day

Wednesday, April 30, 2014 @ 04:04 PM gHale


Adobe created an update for it s Flash Player for Windows, Mac and Linux, as a newly discovered Zero Day vulnerability affecting the software is undergoing active hits in the industry.

In the security bulletin the company published to warn users and urge them to update, Kaspersky Lab researcher Alexander Polyakov gained credit for discovering the attacks.

RELATED STORIES
After False Start, Apache Struts Fixed
DoS Risk with Apache Tomcat Servers
DDoS Attacks Break Records
DDoS Attacks: Smarter, Faster, Severe

The researchers discovered two separate SWF exploits that took advantage of the vulnerability, located in the Pixel Bender component, designed for video and image processing.

The exploits are in two .swf files, and both end up positioned in a innocuous-looking folder on a compromised site.

“The site was launched back in 2011 by the Syrian Ministry of Justice and was designed as an online forum for citizens to complain about law and order violations. We believe the attack was designed to target Syrian dissidents complaining about the government,” said Kaspersky Lab researcher Vyacheslav Zakorzhevsky.

The victims end up redirected to the exploits using a frame or a script located at the site and, according to the company’s products’ detections, seven unique users located in Syria ended up affected.

“It’s likely that the attack was carefully planned and that professionals of a pretty high caliber were behind it,” Zakorzhevsky said. The exploits are well-written, and the fact a vulnerability in the no longer supported Pixel Bender component was the target seems to imply they didn’t want the exploit seen for a long time.

“We are sure that all these tricks were used in order to carry out malicious activity against a very specific group of users without attracting the attention of security solutions. We believe that the Cisco add-in may be used to download/implement the payload as well as to spy directly on the infected computer,” Zakorzhevsky said.



Leave a Reply

You must be logged in to post a comment.