Adobe Flash Player now suffering from brand New Zero-day vulnerability with high severity rate and researchers believes that it cause a Severe impact on ActiveX Support browsers which leads to compromise the Windows PC.
Zero-day vulnerabilities are referred to attacks on vulnerabilities that have not been patched or made public.
This critical Zero-day vulnerability is presenting in current Adobe Flash Player ActiveX 220.127.116.11 and earlier versions.
In this case, this major Zero-day flaw mainly spreading via Microsoft office document or spam mail that contain a Malicious flash file.
South Koren Cyber Emergency Response Team(KR-CERT) Released Emergency notes that says, “This vulnerability only on user’s who all are using Internet Explorer (IE) be influenced chrome (chrome) until a patch is available using Firefox (FireFox) is recommended”
Security Researcher from Hauri, Inc.said, “Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea.”
Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea. (no patch yet) pic.twitter.com/bbjg1CKmHh
— Simon Choi (@issuemakerslab) February 1, 2018
Adobe users have to beware of this severe Zero-day Until Adobe releases the security patch for this Vulnerability.
Temporary Mitigation for this Zero-day Vulnerability
- Remove the flash player from computer Until Adobe releases a security patch for the vulnerability.
- do not trust the website Scion visits and the source does not open an unknown email attachment viewing prohibited and links
- keep the latest updates of antivirus programs, and enable real-time monitoring
- Use Firefox until a patch is available
Source : GBHackers