Update Available to Fix Zero-Day Flash Vulnerability

Tuesday was the regular day for Adobe to release software updates, and this Tuesday they released a bulletin for Flash announcing that there was a newly-discovered vulnerability which was already being used, "in limited attacks," in the wild by cyber criminals. However... not patch was available. Yet.

That patch was released this afternoon (Thursday), and is now available both on their website and via auto-update. The vulnerability it fixes (CVE-2016-4171) affects Flash on all platforms: Windows, Macintosh, Linux, and Chrome OS. It was reported to Adobe by researchers from Kaspersky Labs, who have observed it being used by an "advanced persistent threat" (APT) group that Kaspersky has dubbed "ScarCruft." Organizations are urged to ensure their system are updated as soon as possible.

This is the third time in recent months that Adobe has delayed a Flash update from its normal, expected release time in order to include a patch for an active zero-day exploit.

http://www.scmagazine.com/adobe-patches-critical-zero-day-vulnerability-in-flash-player/article/503680/

http://arstechnica.com/security/2016/06/critical-adobe-flash-bug-under-active-attack-currently-has-no-patch/

https://helpx.adobe.com/security/products/flash-player/apsa16-03.html

Comments

Post a Comment

Popular posts from this blog

Two-Factor Authentication

Image
Many organizations now are using multi-factor security for user authentication, especially in higher-risk cases (e.g., admin users, remote access). Many popular consumer-oriented services offer this as a feature as well. If your Gmail, Apple, Microsoft, Facebook, Twitter, Yahoo, or other account doesn't currently require a two-factor or two-step login, it is easy to enable. If your bank or other online financial service doesn't offer this feature, tell them you want it or move to one that does. Here are two great sites with a lists of services that support two-factor authentication and links to set it up:    https://twofactorauth.org/ http://www.pcmag.com/article2/0,2817,2456400,00.asp Most two-factor authentication schemes can work from an app or a text message on your smartphone. It can take a bit of learning at first, but for most users it quickly becomes routine and trouble-free.
Read more

Vulnerability in Cisco Devices VPN Functionality

Image
A few weeks ago a vulnerability was publicized in the VPN functionality of Cisco PIX firewalls, along with a tool to exploit it. This exploit was part of the Shadow Brokers dump of tools allegedly stolen from the NSA; in this case it was the BENIGNCERTAIN tool. This exploit was viewed as being of limited impact, since Cisco discontinued support for the PIX firewall years ago in favor or their newer ASA firewall line. This weekend it was announced that the same vulnerability exists in the IOS software that powers the vast majority of Cisco devices. This means that Cisco routers and routing switches with VPN functionality can be exploited with the BENIGNCERTAIN tool as well, rendering their VPN sessions subject to snooping. The vulnerability affects all versions of IOS going back to 12.2, as well as most versions IOS XR and IOS XE. Cisco has not yet released updated software to fix this issue, and they say there are no work-arounds; they have, however, published intrusion detectio...
Read more

Ransomware Attack on Office365 Corporate Users

Image
A phishing campaign was discovered last week that targeted possibly millions of users of Microsoft's Office365 Corporate service. The campaign was delivering the Cerber ransomware, which encrypts documents, videos, and photos on the compromised computer, as well as any network file shares to which the compromised computer is attached, and then demands a ransom to provide the ability to decrypt them. The malware was delivered via a document with malicious macros embedded in it. Previous versions of Cerber were delivered via web-based exploits that exploited Flash vulnerabilities. The malware was able to bypass the built-in security tools in Office365, but was detected using the Check Point SandBlast malware protection system. The SandBlast technology can run on a Check Point firewall, as an agent on network endpoints, or as a cloud-based service. To learn more about Check Point Sandblast, contact Anchor.
Read more