Another reason to uninstall Adobe Flash Player: a new zero-day Flash Player exploit has reportedly been spotted in the wild, used by North Korean hackers.
South Korea’s Computer Emergency Response Team (KR-CERT) issued an alert Wednesday for a new Flash Player zero-day vulnerability that is being actively exploited in the wild by North Korean hackers to target Windows users in South Korea.
Simon Choi of South Korea-based cybersecurity firm Hauri first reported the campaign on Twitter, saying the North Korean hackers have been using the Flash zero-day against South Koreans since mid-November 2017.
Although Choi did not share any malware sample or details about the vulnerability, the researcher said the attacks using the new Flash zero-day are aimed at South Korean individuals who focus on researching North Korea.
Adobe also released an advisory on Wednesday, which said the zero-day exploits a critical ‘use-after-free’ vulnerability (CVE-2018-4878) in its Flash media software that leads to remote code execution.
The critical vulnerability affects Adobe Flash Player version 220.127.116.11 and earlier versions for:
- Desktop Runtime (Win/Mac/Linux)
- Google Chrome (Win/Mac/Linux/Chrome OS)
- Microsoft Edge and Internet Explorer 11 (Win 10 & 8.1)
“Adobe is aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users,” the advisory said. “These attacks leverage Office documents with embedded malicious Flash content distributed via email. Adobe will address this vulnerability in a release planned for the week of February 5.”
To exploit the vulnerability, all an attacker needs to do is trick victims into opening Microsoft Office documents, web pages, or spam messages that contain a maliciously crafted Adobe Flash file.
The vulnerability can be leveraged by hackers to take control of an affected computer.
Choi also posted a screenshot to show that the Flash Player zero-day exploit has been delivered via malicious Microsoft Excel files.
Adobe said in its advisory that the company plans to address this vulnerability in a “release planned for the week of February 5,” though KR-CERT advises users to disable or completely remove the buggy software.
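Because the reported delivery vector is an Office document carrying embedded Flash content, a mail gateway or analyst can triage attachments for that trait while no patch is available. The sketch below is an added example, not code from Adobe, KR-CERT or Hauri: it flags the Shockwave Flash ActiveX class ID and SWF headers inside a document. The function names are hypothetical, the sample file is constructed, and the byte-pattern checks are heuristics that detect embedded Flash in general, not this specific exploit.

```python
import io
import re
import uuid
import zipfile

# CLSID of the Shockwave Flash ActiveX control, as text and as the
# little-endian byte layout used inside OLE/ActiveX binary streams.
FLASH_CLSID = uuid.UUID("D27CDB6E-AE6D-11CF-96B8-444553540000")
CLSID_TEXT = str(FLASH_CLSID).encode("ascii")   # lowercase text form
CLSID_BYTES = FLASH_CLSID.bytes_le
# SWF header: FWS (raw), CWS (zlib) or ZWS (LZMA), then a version byte.
SWF_HEADER = re.compile(rb"[FCZ]WS[\x01-\x32]")


def scan_blob(data):
    """Return the set of Flash indicators found in one byte string."""
    hits = set()
    if CLSID_BYTES in data or CLSID_TEXT in data.lower():
        hits.add("flash-activex-clsid")
    if SWF_HEADER.search(data):
        hits.add("swf-header")
    return hits


def scan_office_file(data):
    """Scan each member of an OOXML (zip) file, or the raw bytes of a legacy one."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        hits = scan_blob(data)
        return {"<raw>": hits} if hits else {}
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            hits = scan_blob(zf.read(name))
            if hits:
                findings[name] = hits
    return findings


def build_sample(with_flash):
    """Constructed sample: a minimal zip shaped like an .xlsx, not a real workbook."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_flash:  # fake ActiveX stream: CLSID, padding, compressed-SWF header
            zf.writestr("xl/activeX/activeX1.bin",
                        CLSID_BYTES + b"\x00" * 8 + b"CWS\x20" + b"\x00" * 16)
    return buf.getvalue()
```

A hit means the document embeds Flash and deserves quarantine or manual review; the three-byte SWF magic can also match unrelated binary data, so the CLSID match is the stronger signal.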