If you search the files stolen from a company dedicated to monitoring and hacking, it is expected to discover some surprises: for example, among the 400 GB of files stolen from The Hacking Team in the weekend, a 0day vulnerability for Flash, integrated into an exploit, has been identified by researchers. This was used by The Hacking Team targets to infect their plays RCS software. The flaw was particularly characterized as “more beautiful Flash flaw last four years” in the documentation found among the broadcast following the hacking files. This flaw affects all versions of Flash to the Version 18.0.0.194.
Unknown Adobe, the flaw discovered yesterday lacked patch and could affect all Flash users. Among the first to have sounded the alarm, publishers of Symantec and Trend Micro antivirus published two blog post detailing the fault and advising users to disable Flash until the arrival of a corrective patch. This affects users of Internet Explorer, but could also be functional on other browsers.
Even more worryingly, the Kafeine blogger reports that the main exploits kits, these “Swiss army knives” of cybercriminals had integrated vulnerability discovered just hours after its discovery, leaving consider possible attacks exploiting this fault. Several known exploit kits such as the kit Angler, the Nuclear Pack Neutrino or have integrated the exploit recovered in Hacking Team in their portfolios.
Adobe has for its part confirmed today becoming aware of the vulnerability and has released a patch to solve the problem: the version 18.0.0.203, available on the official Adobe website should allow users to sleep soundly. Finally, until the next fault.
No comments:
Post a Comment