contador pagina web Skip to content

Flash Player: red alert for a third 0-day in a row

Update : Adobe has corrected the vulnerability. Flash Player 16.0.0.305 is available through automatic update or by manual download. Adobe is working with Google and Microsoft to integrate the update into Google Chrome and Internet Explorer 10/11.

—–

News published on February 3, 2015

For the third time in just a few days, Adobe is facing a new security vulnerability affecting Flash Player. Currently without a patch and therefore of the 0-day type, it is used in attacks.

In a security advisory, Adobe refers to a critical vulnerability affecting Flash Player 16.0.0.296 and previous versions for Windows and OS X (but not the 11.x branch for Linux). It is exploited in drive-by-download attacks (infection during the simple visit of a Web page) targeting systems running Internet Explorer and Firefox on Windows 8.1 and earlier versions.

bugIn particular, the security company Trend Micro has discovered an exploit used in malvertising attacks where online advertisements that load when a user visits are used in order to spread malware. This was for example the case on the dailymotion.com site (one example among others) where Internet users were redirected to an hxxp URL: //www.retilio.com/skillt.swf hosting the exploit itself .

It is here the advertising platform which is the vector of the infection and not Dailymotion or the other sites. Trend Micro has detected almost 3,300 malicious redirects in connection with this exploit and attacks are still underway.

According to Adobe, exploitation can cause a crash and " potentially "allow an attacker to take control of a vulnerable system. A fix should arrive sometime this week.

This series of 0-days in such a short time is obviously bad publicity for Flash Player and this while he digs a little more his grave since the default choice of YouTube in favor of HTML5.

While waiting for the fix, it is recommended to disable Flash Player in the browser. With Firefox, this is simply done from the panel dedicated to the management of additional modules and here plugins. For Internet Explorer, the procedure is hardly more complex via the management of additional modules from the tools. Note that for Google Chrome, deactivation is also possible by entering chrome: // plugins in the address bar.