CVE-2018-4878

MalwareBytesSecurity

Exploit kits: Winter 2018 review

Credit to Author: Jérôme Segura| Date: Thu, 29 Mar 2018 15:00:00 +0000

In this Winter 2018 review, we check the pulse of exploit kits and their latest developments.

Categories:

Tags:

(Read more…)

The post Exploit kits: Winter 2018 review appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

Hermes ransomware distributed to South Koreans via recent Flash zero-day

Credit to Author: Malwarebytes Labs| Date: Wed, 14 Mar 2018 17:59:32 +0000

An uncommon exploit kit adds a fresh Flash Player exploit to distribute the Hermes ransomware in South Korea.

Categories:

Tags:

(Read more…)

The post Hermes ransomware distributed to South Koreans via recent Flash zero-day appeared first on Malwarebytes Labs.

Read More
QuickHealSecurity

An analysis of an MS office document exploiting a zero-day flash player vulnerability (CVE-2018-4878)

Credit to Author: Quick Heal Security Labs| Date: Wed, 07 Feb 2018 13:59:42 +0000

Important update! Adobe Systems released a critical security update on 6.02.2017 to fix the vulnerability discussed in this post. We recommend you to apply the update immediately. Summary of the vulnerability CVE-2018-4878 is a use-after-free vulnerability present in Adobe Flash Player 28.0.0.137 and its earlier versions are being exploited in…

Read More
QuickHealSecurity

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

Credit to Author: Pradeep Kulkarni| Date: Sat, 03 Feb 2018 09:39:38 +0000

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe the in wild attack is targeted and it impacts limited windows users….

Read More
IndependentKrebs

Attackers Exploiting Unpatched Flaw in Flash

Credit to Author: BrianKrebs| Date: Fri, 02 Feb 2018 14:21:06 +0000

Adobe warned on Thursday that attackers are exploiting a previously unknown security hole in its Flash Player software to break into Microsoft Windows computers. Adobe said it plans to issue a fix for the flaw in the next few days, but now might be a good time to check your exposure to this still-ubiquitous program and harden your defenses. Adobe said a critical vulnerability (CVE-2018-4878) exists in Adobe Flash Player 28.0.0.137 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system.

Read More