Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
General Topics
»
Adobe Flash zero-day exploit in the wild *Updated*
« previous
next »
Print
Pages: [
1
]
2
Go Down
Author
Topic: Adobe Flash zero-day exploit in the wild *Updated* (Read 10352 times)
0 Members and 1 Guest are viewing this topic.
Marc57
Avast Evangelist
Super Poster
Posts: 1944
KISS Rules The World!!!
Adobe Flash zero-day exploit in the wild *Updated*
«
on:
May 28, 2008, 12:05:11 AM »
Malware hunters have spotted a previously unknown — and unpatched — Adobe Flash vulnerability being exploited in the wild.
http://blogs.zdnet.com/security/?p=1189&tag=nl.e589
Be careful out there
«
Last Edit: May 29, 2008, 07:41:04 PM by marc57
»
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!
Lisandro
Avast team
Certainly Bot
Posts: 67194
Re: Adobe Flash zero-day exploit in the wild
«
Reply #1 on:
May 28, 2008, 12:21:01 AM »
Does avast protects against this one?
Logged
The best things in life are free.
Marc57
Avast Evangelist
Super Poster
Posts: 1944
KISS Rules The World!!!
Re: Adobe Flash zero-day exploit in the wild
«
Reply #2 on:
May 28, 2008, 03:08:25 AM »
Quote from: Tech on May 28, 2008, 12:21:01 AM
Does avast protects against this one?
A very good question Tech, Let's hope someone from Alwil can answer it.
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!
FreewheelinFrank
Avast Evangelist
Ultra Poster
Posts: 4872
I'm a GNU
Re: Adobe Flash zero-day exploit in the wild
«
Reply #3 on:
May 28, 2008, 10:53:02 AM »
More reports:
http://tailrank.com/6068446/Adobe-Flash-Player-SWF-File-Unspecified-Remote-Code-Execution-Vulnerability
http://ddanchev.blogspot.com/2008/05/malware-attack-exploiting-flash-zero.html
http://isc.sans.org/diary.html?storyid=4465
http://news.cnet.com/8301-10789_3-9952547-57.html
Logged
Bambleweeny 57 sub-meson brain
Don't Surf in the Nude Blog
kubecj
Guest
Re: Adobe Flash zero-day exploit in the wild
«
Reply #4 on:
May 28, 2008, 12:43:54 PM »
Added the detection to the internal test version, should be out today.
Logged
Marc57
Avast Evangelist
Super Poster
Posts: 1944
KISS Rules The World!!!
Re: Adobe Flash zero-day exploit in the wild
«
Reply #5 on:
May 28, 2008, 03:39:25 PM »
Thanks kubecj.
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Adobe Flash zero-day exploit in the wild
«
Reply #6 on:
May 28, 2008, 06:47:13 PM »
Hi malware fighters,
Here a list of sites to block:
http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20080527
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Marc57
Avast Evangelist
Super Poster
Posts: 1944
KISS Rules The World!!!
Re: Adobe Flash zero-day exploit in the wild
«
Reply #7 on:
May 28, 2008, 06:50:30 PM »
Thanks for the info polonus.
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!
CharleyO
Guest
Re: Adobe Flash zero-day exploit in the wild
«
Reply #8 on:
May 29, 2008, 04:21:39 AM »
***
Thanks for the link, Polonus.
***
Logged
Marc57
Avast Evangelist
Super Poster
Posts: 1944
KISS Rules The World!!!
Re: Adobe Flash zero-day exploit in the wild
«
Reply #9 on:
May 29, 2008, 07:38:50 PM »
Update, it looks like the 9.0.124.0 plug-in version of flash player is immune to this attack. Make sure yours is up to date.
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=spam__malware_and_vulnerabilities&articleId=9090218&taxonomyId=85
Logged
You Wanted the Best You Got the Best the Hottest Band in the World KISS!!!
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Adobe Flash zero-day exploit in the wild *Updated*
«
Reply #10 on:
May 29, 2008, 08:45:24 PM »
Hi marc57,
Thanks for the heads up. I already have this latest version, and other are advised to do so without delay at:
http://www.adobe.com/products/flashplayer/
Still 40% of all Windows users did not update, according to numbers from Online Software Inspector and Personal Software Inspector links:
https://psi.secunia.com/
and
http://secunia.com/software_inspector/
36% of PSI users did not update to the latest 9.0.124.0 version. If these are the numbers for security aware people, the numbers for unprotected and vulnerable common users must be many times higher.
However the users of Firefox with NoScript blocking must be considered as also secure,
polonus
«
Last Edit: May 29, 2008, 08:47:09 PM by polonus
»
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
drhayden1
Guest
Re: Adobe Flash zero-day exploit in the wild *Updated*
«
Reply #11 on:
May 29, 2008, 09:45:21 PM »
Security sites are warning of increased dangers of malformed Shockwave Flash (SWF) objects. I've read reports of possibly 250,000 web pages hosting this new exploit. It is important to move to the latest version of Flash if prompted or manually update if you are not on version 9.0.124.
Adobe test site which will show latest version (should be 9.0.124)
http://kb.adobe.com/selfservice/viewConten...rnalId=tn_15507
How to manually update if needed (be sure to uncheck Google Toolbar)
http://www.adobe.com/products/flashplayer/
AVERT reports that recent sites affected by mass hacking attacks are being redirected to load malicious SWF files. These exploits are being programmed for specific versions of Flash to broaden the scope of attacks. Finally, please see last AVERT link (05/28), as they are researching a new variant that might possibly exploit Flash where it is fully up-to-date (e.g., 9.0.124).
Adobe Flash Player Flaw - Massive Exploitation reported
http://www.frsirt.com/english/
QUOTE: Adobe Flash Player Flaw Massive Exploitation -- The Adobe Flash Player vulnerability which was disclosed this week by Symantec and believed to be unknown (zero-day) is a previously known issue that was patched with version 9.0.124.0. Multiple compromised web pages are currently exploiting this flaw and distributing malware.
ADDITIONAL LINKS
http://www.frsirt.com/english/advisories/2008/1158
http://isc.sans.org/diary.html?storyid=4474
http://secunia.com/advisories/30404/
http://www.securityfocus.com/bid/29386
http://www.avertlabs.com/research/blog/ind...exploit-update/
QUOTE: Here's a quick update to the earlier post on a new unpatched Adobe Flash vulnerability. Through looking for sites serving these SWF exploits we've found a connection with recent mass hacks. Hacked sites reference an external script, just as they have for quite some time. But, the external scripts now reference an SWF file.
New variants emerging - AVERT researching claims that currently patched systems may be vulnerable?
http://www.avertlabs.com/research/blog/ind...ploit-update-2/
Logged
DavidR
Avast Überevangelist
Certainly Bot
Posts: 89026
No support PMs thanks
Re: Adobe Flash zero-day exploit in the wild *Updated*
«
Reply #12 on:
May 29, 2008, 10:23:40 PM »
Dan, when you are posting links many don't work.
e.g. all the ones with ... in the URL.
This is because where you are copying them from whatever source, they shorten the displayed URL using the .... in the displayed link, the underlying URL of the link you copy from should have the full path.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Adobe Flash zero-day exploit in the wild *Updated*
«
Reply #13 on:
May 29, 2008, 11:09:26 PM »
Hi DavidR,
The most interesting link:
http://www.avertlabs.com/research/blog/index.php/2008/05/28/flash-player-exploit-update-2/
pol
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
kubecj
Guest
Re: Adobe Flash zero-day exploit in the wild *Updated*
«
Reply #14 on:
May 29, 2008, 11:45:55 PM »
Our detection in the last VPS should be very, very generic (I'm myself a bit afraid that it may sometimes FP on broken flash files), so avast users should be protected.
I'm not sure I understand the NoScript remark? The vulnerability is in Flash, the javascript around is just to hide the fact.
Logged
Print
Pages: [
1
]
2
Go Up
« previous
next »
Avast WEBforum
»
Other
»
General Topics
»
Adobe Flash zero-day exploit in the wild *Updated*