South Korea's Computer Emergency Response Team (KR-CERT) issued an alarm Wed for a novel Flash Player zero-day vulnerability that's beingness actively exploited inward the wild yesteryear North Korean hackers to target Windows users inward South Korea.
Simon Choi of South Korea-based cybersecurity theater Hauri kickoff reported the induce on Twitter, proverb the North Korean hackers own got been using the Flash zero-day against South Koreans since mid-November 2017.
Although Choi did non part whatever malware sample or details almost the vulnerability, the researcher said the attacks using the novel Flash zero-day is aimed at South Korean individuals who focus on researching North Korea.
Adobe too released an advisory on Wednesday, which said the zero-day is exploiting a critical 'use-after-free' vulnerability (CVE-2018-4878) inward its Flash media software that leads to remote code execution.
- Desktop Runtime (Win/Mac/Linux)
- Google Chrome (Win/Mac/Linux/Chrome OS)
- Microsoft Edge together with Internet Explorer eleven (Win 10 & 8.1)
"Adobe is aware of a study that an exploit for CVE-2018-4878 exists inward the wild, together with is beingness used inward limited, targeted attacks against Windows users," the advisory said. "These attacks leverage Office documents amongst embedded malicious Flash content distributed via email. Adobe volition address this vulnerability inward a release planned for the calendar week of Feb 5."
To exploit the vulnerability, all an assailant require to practice is clitoris a fast 1 on victims into opening Microsoft Office documents, spider web pages, or spam messages that incorporate a maliciously crafted Adobe Flash file.
The vulnerability tin live on leveraged yesteryear hackers to accept command of an affected computer.
Choi too posted a screenshot to exhibit that the Flash Player zero-day exploit has been delivered via malicious Microsoft Excel files.
Adobe said inward its advisory that the fellowship has planned to address this vulnerability inward a "release planned for the calendar week of Feb 5," through KR-CERT advises users to disable or completely take away the buggy software.
