October 23, 2014

Adobe releases out-of-band security update to fix zero-day exploit

adobe-logoAdobe has released an out-of-band security patch for Flash Player to fix a critical zero-day vulnerability that is being exploited in the wild. The vulnerability allows attackers to remotely take control of the affected system. Once they have control the attackers can install malware and recruit the affected PC into a botnet. Adobe was forced into issuing an immediate patch to the problem as an exploit for this vulnerability exists in the wild and is being used by attackers. Adobe recommends that users update Flash Player on their PCs immediately.

Because of an Integer underflow, that is present in Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, remote attackers can execute arbitrary code on a victim’s PC. However Adobe did not include any details about how the vulnerability is being exploited.

Adobe did however thank two researchers from Kaspersky Lab for reporting the vulnerability. There is speculation that the vulnerability could be related to “The Mask” an Advanced Persistent Threat (APT) that a Kaspersky Lab Expert wrote about recently. The Kaspersky post references Adobe Flash in the context of a long-running cyber espionage campaign that Kaspersky says it will present more about during the next week at the Kaspersky Security Analyst Summit 2014.

In response to Adobe’s update Google has released Chrome 32.0.1700.107 for Windows, Mac and Linux with an updated version of the embedded Flash Player. Microsoft likewise has updated Internet Explorer 10 and 11 on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.

Apple has released an update to its web plug-in blocking mechanism to disable all versions prior to Flash Player 12.0.0.44. If OS X users try to view Flash content in Safari they will see a “Blocked Plug-in” alert unless they have updated to the latest version of Flash Player.

Adobe Flash Player Responsible for 7 of Top 10 Vulnerabilities

(LiveHacking.Com) – Kaspersky Lab has published its malware report for the second quarter of 2011 and it has found that seven of the current top ten vulnerabilities are in Adobe Flash Player and the other three in Java. This means that for the first time Microsoft products have disappeared from this list. Kaspersky put this down to “improvements in the automatic Windows update mechanism and the growing proportion of users who have Windows 7 installed on their PCs.”

According to the report, navigating the web remains the riskiest activity on the Internet, with malicious URLs that serve exploit kits, bots, ransomware Trojans, etc. being the most frequently detected objects online.

In terms of geography, every second computer in India was at risk of local infection at least once in the past three months.

“Over the last few years, India has been growing steadily more attractive to cybercriminals as the number of computers in the country increases steadily. Other factors that attract the cybercriminals include a low overall level of computer literacy and the prevalence of pirated software that is never updated,” explains Yury Namestnikov, Senior Virus Analyst at Kaspersky Lab. “Botnet controllers see India as a place with millions of unprotected and un-patched computers which can remain active on zombie networks for extended periods of time.”

Whereas the five safest countries in terms of the level of local infections are: Japan, Germany, Denmark, Luxembourg and Switzerland.

The report also warns users about fake antivirus programs. During the second quarter of 2011, the number of fake antivirus programs detected globally by Kaspersky Lab began to increase: the number of users whose computers blocked attempts to install counterfeit software increased 300 per cent in just three months.