North Korea hackers exploit Flash bug to pwn South Koreans. Adobe to issue fix next week

Your Feed is from https://www.safeharboroncyber.com/Blog/
CyberWisdom Safe Harbor Commentary on Flash Bug:
A recent story from theregister.co.uk thinks a surprising Adobe Flash Bug release on a patch next week to compress a flaw in Flash. The flaw could be exploited by malicious web pages and documents to hijack and monitor vulnerable computers when they are opened.
North Korean hackers are now abusing the vulnerability to infect victims’ PCs. You should update your browser or Flash installation – If you are still using Flash, the other criminals will not be able to exploit this vulnerability and may take control your computer if the fixes appear.
Zero-day vulnerability caused by Flash bug
Adobe Flash Player is now severely affected by the new Zero-day vulnerability, which researchers believe can have a serious impact on ActiveX-enabled browsers, compromising the security of Windows PCs.
Zero-day vulnerabilities are attacks that have not been patched or undisclosed.
This important zero-day vulnerability is shown in the current Adobe Flash Player ActiveX versions 28.0.0.137 and earlier.
In this case, this major zero-day vulnerability is primarily spread through Microsoft Office documents or spam messages that contain malicious Flash files.
South Korea’s Computer Emergency Response Team found that programming chaos (CVE-2018-4878) was exposed after the malicious code was hidden in Microsoft Office documents, web pages, and spam, exploiting Flash loopholes to infect Windows PCs with malware.

South Koren Cyber Emergency Response Team(KR-CERT) Released Emergency notes that says, “This vulnerability only on user’s who all are using Internet Explorer (IE) be influenced chrome (chrome) until a patch is available using Firefox (FireFox) is recommended”

Security Researcher from Hauri, Inc.said, “Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea.”
Simon Choi, head of the Korea Information Security Research Center, said the vulnerability was abused by North Korea to spy on South Korea’s investigation of the dictatorial regime in the hermit state. Victims are tricked into opening a sly Microsoft Office spreadsheet to crack the PC via flash:
North Korea used a Flash 0day vulnerability in mid-November 2017 to attack South Koreans, mainly North Koreans. (No patch yet)
Adobe said today that it is working on a patch that should be released on the “February 5” week We can only wait for the Flash bug fix.
All versions of Flash are susceptible to the above issues. Photoshop makers said that so far only Windows machines have been attacked, although Windows, Macintosh, Linux and Chrome operating systems may be attacked.
Read more…
Maybe it’s a good time to just delete the thing Adobe will next week emit patches to squash a security bug in Flash that can be exploited by malicious webpages and documents, when opened, to hijack and spy on vulnerable computers. Engaging post, Read More…
thumbnail courtesy of theregister.co.uk

Beware!! New Zero-day Vulnerability Found in Adobe Flash Player – Still No Patches Available
Adobe Flash Player now suffering from brand New Zero-day vulnerability with high severity rate and researchers believes that it cause a Severe impact on ActiveX Support browsers which leads to compromise the Windows PC. Zero-day vulnerabilities are referred to attacks on vulnerabilities that have not been patched or made public. This critical Zero-day vulnerability is… Beware!! New Zero-day Vulnerability Found in Adobe Flash Player – Still No Patches Available

(adsbygoogle = window.adsbygoogle || []).push({});

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post
The post North Korea hackers exploit Flash bug to pwn South Koreans. Adobe to issue fix next week appeared first on Safe Harbor on Cyber.