7 June 2018

New zero-day in Adobe Flash Player heavily exploited in the Middle East

New zero-day in Adobe Flash Player heavily exploited in the Middle East

Several IT security companies were able to spot exploitation of a zero-day vulnerability in Adobe Flash Player against users in the Middle East.

According to published details, the attackers used a phishing attack pretending to be a popular job search website. The majority of the targeted users are in Doha and Qatar. The attack was detected on June 1, 2018.

The vulnerability in question used by the attackers is CVE-2018-5002. The exploit was delivered to users via an Excel file named “salary.xls”. The file by itself did not contain the exploit, instead, once opened, it was trying to download it.

Adobe reacted to issue very quickly and released today a security patch with version 30.0.0.113. Please, update ASAP.

This is the third zero-day vulnerability in Adobe products this year. The first vulnerability this year was also discovered in Adobe Flash (CVE-2018-4878). The second one CVE-2018-4990 was reported by ESET in Adobe Reader and fixed less than a month ago.

Our security bulletin: https://www.cybersecurity-help.cz/vdb/SB2018060720

Adobe security bulletin: https://helpx.adobe.com/security/products/flash-player/apsb18-19.html

Qihoo 360 Core Security Analysis: http://blogs.360.cn/blog/cve-2018-5002-en/

Back to the list

Latest Posts

Ke3chang APT targets diplomatic missions in Slovakia and South America with new Okrum malware

Ke3chang APT targets diplomatic missions in Slovakia and South America with new Okrum malware

Okrum’ functionality includes only basic backdoor commands, such as downloading and uploading files, executing files and shell commands.
19 July 2019
StrongPity APT deploys malicious versions of WinBox and WinRAR in ongoing attacks

StrongPity APT deploys malicious versions of WinBox and WinRAR in ongoing attacks

StrongPity group has come up with new malware, which is now targeting users located in Turkey.
18 July 2019
“Agent Smith” malware infected more than 25 million Android devices

“Agent Smith” malware infected more than 25 million Android devices

The malware leverages known Android exploits and automatically replaces installed apps with malicious clones without users’ knowledge or interaction.
15 July 2019
Featured vulnerabilities
Cross-site scripting in FortiNAC webUI
Low Patched | 19 Jul, 2019
Multiple vulnerabilities in Cybozu Garoon
Medium Patched | 18 Jul, 2019
Security restrictions bypass in Drupal
High Patched | 18 Jul, 2019