Please note this blog contains fast-changing, emerging information. Foundation IT Managed Service customers will receive periodic updates directly and will be contacted regarding next steps as applicable in their environment.
On the 1st February 2018, Adobe issued a Security Advisory via their website regarding a critical Zero Day vulnerability that can allow Remote Code Execution. This has been documented within the National Vulnerability Database under CVE-2018-4878 and affects the following products:
|Adobe Flash Player Desktop Runtime||18.104.22.168 and earlier versions||Windows, Macintosh|
|Adobe Flash Player for Google Chrome||22.214.171.124 and earlier versions||Windows, Macintosh, Linux and Chrome OS|
|Adobe Flash Player for Microsoft Edge and Internet Explorer 11||126.96.36.199 and earlier versions||Windows 10 and 8.1|
|Adobe Flash Player Desktop Runtime||188.8.131.52 and earlier versions||Linux|
There are already multiple reports of this exploit being used in the wild, with attackers embedding malformed Adobe Flash Objects into Microsoft Office documents (such as Microsoft Excel or Word) and sending these via email. Once the file is opened by the unsuspecting user, additional payloads from compromised websites are downloaded and executed. An example file which contains the exploit is shown as an image below:
The vulnerability is a “use after free” (UAF) vulnerability, which is a class of memory corruption bug which has been utilised heavily for browser based exploits.
Adobe have advised to update all versions of Adobe Flash Player on vulnerable systems to the following versions:
|Adobe Flash Player Desktop Runtime||184.108.40.206||Windows, Macintosh||Flash Player Download Center Flash Player Distribution|
|Adobe Flash Player for Google Chrome||220.127.116.11||Windows, Macintosh, Linux and Chrome OS||Google Chrome Releases|
|Adobe Flash Player for Microsoft Edge and Internet Explorer 11||18.104.22.168||Windows 10 and 8.1||Microsoft Security Advisory|
|Adobe Flash Player Desktop Runtime||22.214.171.124||Linux||Flash Player Download Center|
Foundation IT can help you identify which of your systems are impacted by this, and help to implement a solution to keep your environment protected.