Wednesday, December 5, 2018

Adobe Flash Zero-Day Exploited In the Wild

Another month, another critical vulnerability in an Adobe product.  Hit the link for information on how the bad guys are trying to access your Adobe hole.

Gigamon Applied Threat Research (ATR) identifies an active exploitation of a zero-day vulnerability in Adobe Flash via a Microsoft Office document. The vulnerability (CVE-2018-15982) allows for a maliciously crafted Flash object to execute code on a victim’s computer, which enables an attacker to gain command line access to the system. The document was submitted to VirusTotal from a Ukranian IP address and contains a purported employment application for a Russian state healthcare clinic.