New Adobe Flash zero day vulnerability provides users more reasons to disable the tool

Costea Lestoc By: Costea Lestoc
2 minute read
Adobe Flash Player Zero Day

Home » News » New Adobe Flash zero day vulnerability provides users more reasons to disable the tool

It’s a good thing can surf the web these days without needing to use Adobe’s Flash Player as the player has become a source of infection according to Kaspersky Labs, the firm that recently identified a new zero-day attack for the technology.

A new Adobe Flash zero day exploit

BlackOasis used an Adobe Flash zero day exploit in an attack on October 10 which was identified by the Kaspersky Lab advanced exploit prevention system. The vulnerability was reported to Adobe and an advisory was issued.

Researchers from Kaspersky Lab advised government organizations and businesses to update all installations of Adobe immediately. The group behind this attack might be the same one that was responsible for CVE-2017-8759, another zero day from September. The group uses documents to lure users into opening and playing the infected content.

Kaspersky Lab’s advice

The experts from Kaspersky labs advise organizations to take the following actions immediately:

  • In case it is not implemented already, you have to use the killbit feature for Flash software and if it’s possible, you are advised to disable it altogether.
  • You are advised to implement an advanced, multi-layered security solution that covers all systems, networks, and endpoints.
  • It’s recommended to educate and train personnel on social engineering tactics considering this method is used to make users open malicious docs or click on infected links.
  • Regular security assessments of the organization’s IT infrastructure must be conducted regularly.
  • It’s best to use Kaspersky’s Lab’s Threat Intelligence because it tracks cyber attacks, incidents, and threats while also providing customers with updated, relevant information they may not be aware of.

Previously this year, actors who deployed malware abused critical vulnerabilities in Microsoft Word and Adobe products. Experts believe that the number of such exploits will continue to grow, so high caution is needed when going forward.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

Download Windows 10 KB4491101 to fix OS stability issues

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

Microsoft just released cumulative update KB4491101 for those who are running Windows 10 V1507 (RTM version). The update is just restricted to the users of Windows 10 […]

Continue Reading

This version of Office has been deprovisioned [FIXED]

Rabia Noureen avatar. By: Rabia Noureen
4 minute read

It is certainly annoying to face issues in your system when you have to finish off the most important task that has been assigned by […]

Continue Reading

Windows 10 v1809 KB4482887 lands next Tuesday

Irfa Batool avatar. By: Irfa Batool
2 minute read

Microsoft is planning to rollout Cumulative Update KB4482887 for Windows 10 version 1809 next week. For the time being, the update is available only for Preview […]

Continue Reading