Adobe Patches Zero Day Hole
Thursday, June 16, 2016 @ 05:06 PM gHale
Adobe just released a new version of Flash Player, fixing 36 security issues, one of which is a Zero Day vulnerability.
Adobe issued an advisory about the Zero Day Tuesday when it revealed Kaspersky Lab found live attacks using the Flash hole.
Kaspersky researcher Costin Raiu said his company came across computers compromised by the StarCruft cyber-espionage group in two different campaigns, one they named Operation Daybreak and one Operation Erebus.
StarCruft hackers used the Flash Zero Day to trigger a memory corruption bug in Flash Player, which allowed them to execute code on the victim’s machine and take over the device.
Besides the Zero Day (CVE-2016-4171), the group also employed other Flash exploits such as CVE-2016-4117 and CVE-2016-0147, the latter of which was a Zero Day the company patched in April.
The recent Flash Player Zero Day works on all versions of Flash, but Raiu said Microsoft EMET, if installed, would be able to block exploitation.
Adobe also fixed other issues in Flash, such as two type confusion vulnerabilities, six use-after-free issues, three heap buffer overflow problems, one directory search path bug, and 22 memory corruption issues. All led to remote code execution and allowed attackers to run code on targeted machines.
Updates for Flash running on Windows, Mac, and Linux released and are available for download. The latest Adobe Flash Player version numbers are 126.96.36.199 for Windows and Mac, and 188.8.131.526 for Linux.