Adobe Flash Player Zero-Day Exploit Spotted in the Wild

Another reason to uninstall Adobe Flash Player—a new zero-day Flash Player exploit has reportedly been spotted in the wild by North Korean hackers.

South Korea's Computer Emergency Response Team (KR-CERT) issued an alert Wednesday for a new Flash Player zero-day vulnerability that's being actively exploited in the wild by North Korean hackers to target Windows users in South Korea.
Simon Choi of South Korea-based cybersecurity firm Hauri first reported the campaign on Twitter, saying the North Korean hackers have been using the Flash zero-day against South Koreans since mid-November 2017.
Although Choi did not share any malware sample or details about the vulnerability, the researcher said the attacks using the new Flash zero-day is aimed at South Korean individuals who focus on researching North Korea.

Adobe also released an advisory on Wednesday, which said the zero-day is exploiting a critical 'use-after-free' vulnerability (CVE-2018-4878) in its Flash media software that leads to remote code execution.

The critical vulnerability affects Adobe Flash Player version 28.0.0.137 and earlier versions for:

  • Desktop Runtime (Win/Mac/Linux)
  • Google Chrome (Win/Mac/Linux/Chrome OS)
  • Microsoft Edge and Internet Explorer 11 (Win 10 & 8.1)

Adobe said in its advisory that the company has planned to address this vulnerability in a "release planned for the week of February 5," though KR-CERT advises users to disable or completely remove the buggy software.

Source: The Hacker News