1 February 2018

Zero-day vulnerability in Adobe Flash Player

Zero-day vulnerability in Adobe Flash Player

The South Korean Computer Emergency Response Team (KR-CERT) issued a security alert warning about zero-day vulnerability in the latest version of Adobe Flash Player 28.0.0.137.

According to the South Korean security firm Hauri Inc., the exploitation was detected in mid-November 2017. The attackers used Microsoft Excel files with embedded .swf document, which contained a malicious payload.

Screenshot of the malicious document looks as follows:

As for now there are no official comments on the issue from Adobe. We will keep an eye on this vulnerability and update our advisories accordingly:

https://www.cybersecurity-help.cz/vdb/SB2018020120

https://www.zero-day.cz/database/484/

This is a second zero-day vulnerability in 2018. The first one (CVE-2018-0802) was revealed by Microsoft in January.

Back to the list

Latest Posts

Russian hackers are using weaponized TeamViewer in attacks on embassies around the world

Russian hackers are using weaponized TeamViewer in attacks on embassies around the world

The popular remote access and desktop sharing tool is used to gain access to the victim's computer.
24 April 2019
Patch Tuesday in December 2018: 1 zero-day and more than 100 bugs fixed by Microsoft and Adobe

Patch Tuesday in December 2018: 1 zero-day and more than 100 bugs fixed by Microsoft and Adobe

Vulnerability statistics for Patch Tuesday in December 2018.
12 December 2018
Patch Tuesday: 60 vulnerabilities, 2 zero-days and good old LNK bugs

Patch Tuesday: 60 vulnerabilities, 2 zero-days and good old LNK bugs

Today Microsoft has released security fixes for 60 vulnerabilities in total. Among them 2 zero-days in Windows Shell and Internet Explorer.
15 August 2018
Featured vulnerabilities
CSRF in File Manager plugin for WordPress
High Patched | 23 Apr, 2019
Integer overflow in lighttpd
Medium Patched | 23 Apr, 2019
Cross-site scripting in Kunena for Joomla!
Medium Patched | 22 Apr, 2019
Cross-site scripting in I, Librarian
Medium Not Patched | 21 Apr, 2019