Collaboration, transparency

Your Feed is from
CyberWisdom Safe Harbor Commentary:
A recent story from opens up another 0-day Flash vulnerability was exploited in the field, a previously unknown vulnerability that was marked as CVE-2018-4878, affecting versions and earlier for Windows and Mac (desktop runtime), and Basically all in Chrome (Windows, Mac, Linux and Chrome OS).
The heavy use of this approach, which appears to have used the Korean goal by North Korean hackers, apparently has been in use since November 2017.
This is a rather complex attack chain, so I was surprised it was a very reliable hole because it targeted Flash content embedded in Microsoft Office documents.
Most current browsers of this generation do not have Flash support at all, or make “Ask First” when Flash content tries to display. This, I suspect, is why attackers choose to embed Flash into Microsoft Office documents because it is so commonplace to software, not to frequently update or patch individuals or organizations.
This is not the first Flash zero day, it will not be the last, we have already reported the last time, I think as more and more sites are phasing out Flash and ported to local HTML5, the impact should be getting smaller .
Read more…
APSA18-01 Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Read the rest of now! Only available at Darknet…. Engaging post, Read More…
thumbnail courtesy of
If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post
The post 0-Day Adobe Flash Vulnerability Exploited In The Wild on Chrome and Browsers appeared first on Safe Harbor on Cyber.

Powered by WPeMatico

convert this post to pdf.
Be Sociable, Share!