Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Windows Security / Flash Zero-Days: Why So Many Lately?
Flash Player Zero-Day Vulnerabilities: Why So Many Lately?
Flash Player Zero-Day Vulnerabilities: Why So Many Lately?
By Shirley Siluk / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Even for the vulnerability-troubled Adobe Flash Player, the emergence of multiple Flash zero-days over just a few weeks is unusual, according to a cybersecurity expert. Adobe has reported and issued updates for three zero-day exploits since January.

"It's an odd case," said Karl Sigler, threat intelligence manager for the Chicago-based cybersecurity firm Trustwave. "We haven't seen it before."

While there "could be different things behind it," Sigler said, he added that he suspects the quick succession of zero-days suggests the same perpetrators have been responsible for all three recent exploits.

'A Lot of Redirection'

The recent zero-days launched infections automatically through advertising malware delivered unknowingly through legitimate Web sites. For example, one Flash exploit tracked by researchers at Trend Micro was traced to ads on the popular video-sharing site Dailymotion.

Delivered through the until-now little-noticed Hanjuan Exploit Kit, the latest Flash zero-day "uses a lot of redirection" but is based on a relatively simple set of codes, Sigler told us. While other exploit kits such as Angler feature "extensive logic," the Hanjuan kit is both simpler and "more targeted," he said.

Adobe on Thursday released a number of security updates aimed at the recent zero-days. The vulnerabilities have affected Mac, Linux and Windows (8.1 and earlier) systems running the Internet Explorer or Firefox browsers. They work by redirecting users to a series of URLs until they eventually land on a malicious site where the exploit is hosted. After arriving there, the exploit "could potentially allow an attacker to take control of the affected system," Adobe warned.

Use Gateway Protection and Network Monitoring

Beyond ensuring their systems' anti-malware protections are up to date, users can protect themselves against such attacks in several ways, Sigler said. All the major browsers, for example, offer plug-ins that can control how Flash is deployed on a system. Trustwave also has a secure browsing plug-in that supports a wide range of operating systems, browsers and protocols.

Businesses -- which face special security challenges as a growing number of employees bring their own devices in to work -- can also use Web and anti-malware gateways to block access to online exploit kits and malvertising, Sigler said. Furthermore, he added, "You need to make sure you have excellent network monitoring."

The recent zero-day issues are yet another indication that the days of Flash may be numbered, Sigler added. More sites are now using HTML5 instead of Flash, although the reason for that is more likely often the native support for HTML5 on mobile devices rather than security, he said. YouTube recently announced its default video player would be HTML5 rather than Flash-based.

"Flash doesn't have a very good history from a zero-day perspective," Sigler said. "The tradeoff is becoming a little harder to swallow."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter

The British government officially blamed Russia for waging the so-called NotPetya cyberattack that infected computers across Ukraine before spreading to systems in the U.S. and beyond.
Security software company McAfee has adapted to many changes over the years, but Chief Executive Chris Young says one thing has remained constant: "our commitment to protecting everyone."
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.