Credit to Author: Prashant Tilekar| Date: Thu, 06 Dec 2018 10:52:25 +0000
Estimated reading time: 1 minuteThe recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in targeted attacks. Vulnerable Versions Adobe Flash Player 184.108.40.206 and earlier versions for Desktop Runtime, Google Chrome, Microsoft Edge and Internet Explorer 11. Adobe Flash Player 220.127.116.11 and earlier for Installer. About the vulnerability This is a Use after free vulnerability in Adobe Reader which allows attackers to perform a Remote Code Execution on targeted machines. The vulnerability allows for a maliciously crafted Flash object to execute code on a victim’s computer, which enables an attacker to gain command line access to the system. After successful exploitation, attackers can take control of the vulnerable system and executes extracted malware. Reportedly, the vulnerability is currently being exploited in the wild through a malicious Office document. This Office document is an initial attack vector which executes malicious Flash file. According to the advisory, the malicious office document was spread via spear-phishing attack. Quick Heal Detection Quick Heal has released the following detection for the vulnerability CVE-2018-15982: Exp.SWF.CVE-2018-15982.A Exp.SWF.CVE-2018-15982.B Exp.SWF.CVE-2018-15982.SL Quick Heal Security Labs is actively looking for new in-the-wild exploits for this vulnerability and ensuring coverage for them. References https://helpx.adobe.com/security/products/flash-player/apsb18-42.html Subject Matter Experts Prashant Tilekar |Quick Heal Security Labs The post CVE-2018-15982- Adobe Flash Player use after free (Zero Day) vulnerability alert! appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.