A serious zero-day flaw in its Flash Player browser plugin had Adobe scrambling to issue a critical patch on Wednesday. The vulnerability, which affects both Mac and Windows operating systems, could allow an attacker to take over a system. Adobe said the bug has already been exploited by hackers in the wild.
The vulnerability was first discovered earlier this month by FireEye, a private computer security company, which privately informed Adobe of the exploit. FireEye’s team in Singapore discovered the flaw thanks to a phishing campaign by the Chinese hacker group APT3, also known as UPS.
A Sophisticated Threat
APT3 had been targeting organizations involved in several critical industries, including aerospace and defense, construction and engineering, high tech, telecommunications, and transportation. FireEye had previously identified APT3 in April of last year, and described the group as one of the most sophisticated threats that it tracks.
The hacker group has a history of introducing zero-day exploits into browser plugins using vulnerabilities in software such as Internet Explorer, Firefox, and Flash. After successfully exploiting a target host, APT3 will quickly dump credentials, move laterally to additional hosts, and install custom backdoors. APT3’s command and control infrastructure is difficult to track, as there is little overlap across campaigns.
The hacker group’s latest exploit affects Adobe’s Flash Player Desktop Runtime, Flash Player Extended Support Release, Flash Player for Linux, and Flash Player for Google Chrome and for Internet Explorer 10 and 11. The company said users running those products should upgrade to the latest versions immediately.
Nevertheless, Adobe assigned the update its highest priority rating, indicating that the company considered it a crucial security flaw that users should fix as soon as possible.
According to Adobe, users running the Flash Player browser plugin on Google Chrome or Internet Explorer on Windows 8.x systems will have their software automatically updated. Users running Flash Player Desktop Runtime for Windows and Macintosh should update to Adobe Flash Player 22.214.171.124, users of the Flash Player Extended Support Release should update to Adobe Flash Player 126.96.36.1996, and users of Adobe Flash Player for Linux should update to Adobe Flash Player 188.8.131.528.
The vulnerability is only the latest to befall the hapless plugin, which has been the victim of a number of exploits in the past. Last year, Kaspersky Labs found that the Syrian government had used another exploit in the software to attack what it considered to be political opponents. Although the Flash Player is widely used, security experts have recommended that users uninstall it due to its numerous security issues.
Posted: 2015-06-24 @ 2:54pm PT
Time to ditch Flash and use HTML5 instead. Steve Jobs was right.