Patched Adobe Still has Victims

Tuesday, November 15, 2011 @ 11:11 PM gHale


Once a company finds a vulnerability and then patches it, they have done their job. After that, it is up to the user to make sure they follow through with utilizing the patch.

That is now a problem because while Adobe patched its SWF file vulnerability quite a while ago, users who failed to update their browser plug-ins are still highly targeted by attacks that rely on the outdated version of Flash Player.

RELATED STORIES
Apple Closes iPhone, iPad holes
Chrome Update Fills in Holes
Adobe Patches 12 Critical Flash Holes
Firefox 8 Patches 8 Bugs

That move still nets quite a few victims out of the 7% of customers who still use an old version of the software, said researchers at Zscaler.

In April 2011, Adobe made sure the weakness that would allow an attacker to execute arbitrary code or launch a denial of service attack by using specially crafted Flash content, would never hurt any of their users who updated the player to the latest versions.

Now, it turns out since many still rely on the old variants, they become easy targets for hackers who encapsulate malicious swf files into Microsoft Office documents or html pages.

A location discovered by the experts found and embedded nb.swf flash file into a page executed by Adobe’s Flash Player. The execution of the specially crafted element leads to a memory corruption in the player that allows for a piece of shellcode to pass on as an input parameter.

At the time when researchers discovered it, only half of the security vendors listed in Virus Total detected the swf file as a threat.

“Flash and other browser plugins remain a popular target for attackers, even for known vulnerabilities that have been patched for some time. This is because attackers know that plugins regularly remain unpatched for some time,” said one Zscaler researcher.

This latest incident comes to show the importance of product updates. Users need to constantly update their anti-virus solutions. Also, browser and operating system components need updating as hacker can take over devices and steal any information that comes their way.



Leave a Reply

You must be logged in to post a comment.