Adobe releases emergency patches to fix North Korea's CVE-2018-4878 Vulnerabilities

Adobe releases emergency patches to fix North Korea's CVE-2018-4878 Vulnerabilities

Adobe released an emergency fix that fixes two serious remote execution vulnerabilities, including the CVE-2018-4878 vulnerability exploited by North Korea.

Last week, South Korea's Internet and Security Agency (KISA) warned that North Korean hackers used a Flash zero-day Vulnerability (CVE-2018-4878 ).

According to the KISA warning, this vulnerability affects the latest Flash Player 28.0.0.20.and earlier versions.

Attackers can exploit this vulnerability to open a document containing a special Flash file, webpage, or email.

"A zero-day vulnerability was found in Adobe Flash Player. Attackers may be able to persuade users to open Microsoft Office documents, web pages, or spam that contain Flash files, "the consulting report published by CERT in Korea states.

Researchers Simon Choi said that since middle November 2017, North Korea has been using Flash Player zero-day. Attackers exploit the zero-day vulnerability to attack South Koreans involved in North Korea's research activities.

In a picture shared by Choi on Twitter, hackers exploit this vulnerability to spread malware, which indicates that the vulnerability has been spread through a malicious Microsoft Excel file.

Cisco and FireEye both went into the investigation and warned that they had been tracking hacking groups in North Korea. This organization was named TEMP. Reaper by FireEye and called Group 123 by Cisco. It was very active in 2017.

Adobe fixed this vulnerability with an emergency patch that also fixes another remote code execution vulnerability CVE-2018-4877 found by researchers at the Qihoo 360 Vulcan team.

"Adobe released security updates for Adobe Flash Player for Windows, Macintosh, Linux, and Chrome operating systems. These updates address critical vulnerabilities that may cause remote code execution in Adobe Flash Player 28.0.0.20.and earlier versions. Successful exploitation allows attackers to control the affected system. "Adobe announced.

"Adobe knows CVE-2018-4878's limited targeted attacks for Windows users. These attacks use email to distribute Office documents with embedded malicious Flash content. "

These two vulnerabilities are important to all supported operating systems, and only the Linux version of Adobe Flash Player Desktop Runtime has survived.

There have been more than 1000 vulnerabilities since Flash was released. Today, many Web browsers do not support Flash by default, but users usually re-enable it for convenience.

* Reference Source: SecurityAffairs