
Another 0day vulnerability found in Adobe Flash Player



Kaspersky Lab information security researchers Costin Raiu and Anton Ivanov have discovered a critical vulnerability in Adobe Flash Player. Adobe Flash Player 21.0.0.242 and earlier versions for Windows, Mac, Linux and Chrome OS are vulnerable.

According to the researchers, the vulnerability, which they found in the spring of this year, has been exploited by ScarCruft, an APT group of cybercriminals. The attackers are still running two operations, called Operation Daybreak and Operation Erebus. The first was launched in March 2016; it used a previously unknown 0day exploit for Adobe Flash Player, and its targets were high-ranking victims. In the second operation the attackers used an exploit for the CVE-2016-4117 vulnerability, and it is possible that they also use another exploit, for the zero-day vulnerability CVE-2016-0147, the patch for which was released in April.

ScarCruft victims have been discovered in a number of countries, including Russia, Nepal, South Korea, China, India, Kuwait and Romania.

The patch for the vulnerability the experts detected is scheduled for release on Thursday, June 16th. The researchers have promised to provide more information about the Adobe Flash Player security problems at the same time.

As a temporary measure before the release of the patch, Positive Technologies experts recommend that users turn off Adobe Flash in browsers, and, if necessary, use it only for trusted sites.

On Windows, you can use the Enhanced Mitigation Experience Toolkit (EMET) to prevent the effects of an attack.

Experts at Positive Technologies recommend that users of corporate IT systems apply specialized tools to counter complex attacks that use new vulnerabilities. For example, the MaxPatrol SIEM system is already able to detect this Adobe Flash Player vulnerability.



MaxPatrol SIEM uses Scanless Vulnerability Detection technology, which lets you determine the actual picture of vulnerabilities without re-scanning: you only need to update the vulnerability database.

In addition, to prevent problems related to the exploitation of this vulnerability, you can use the MaxPatrol 8 security and compliance monitoring system.

Source: https://habr.com/ru/post/303448/

