Adobe releases upgrades every “Patch Tuesday”. New patches were rolled out to fix the latest zero-day threat uncovered in the critically-acclaimed Flash Player application. This zero-day threat was detected immersed within infectious MS Office files.
A month ago, these malicious documents were detected after somebody added them on an online document scanner named VirusTotal, from an IP in Ukraine.
As reported by Gigamon and Qihoo 360 Core Security, the pair of organization’s that detected the malware containing files, the vulnerability was inserted as a Flash Active X particle within a Word file created to appear like a 7 pages long employment application for a healthcare agency in Russia.
As per the cybersecurity analysts if the people who got the files executed the Flash Active X particle, then the malware containing code will be able to access the operating system. It was inserted a file in JPG format and then open an RAR file embedded in the JPG file to insert an executable file on the person’s computer. Then the regular backdoor Trojan horse file will get installed. Specialists stated that this threat had the capability of infecting Windows 32-bit and 64-bit architectures.
Qihoo 360 Core Security highlighted that the infected documents were added on VirusTotal merely a couple of days subsequent to the well-known Kerch Strait even that happened with Russia and Ukraine.
But, the Qihoo analysts did not officially blame Russia for the zero-day attack. Russian cybercriminals and malicious hackers are famous for using Flash threats along with launching regular attacks on Ukraine.
It is not known if the zero-day threat was utilised in live attempts, and if the victims added the files on VirusTotal or the hackers.
Adobe has rolled out an updated version named 220.127.116.11 to fix the zero-day vulnerability. If anyone suspects of being hit by the malware attack, then it is best to remove Adobe Flash Player as it might be killed in 2020 anyway. Stay tuned with TechnoCodex for more updates.
For the latest tech news and updates follow TechnoCodex on Facebook, Twitter, Google+. Also, if you like our efforts, consider sharing this story with your friends, this will encourage us to bring more exciting updates for you.