Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security

Emergency Adobe Flash Patch Fixes Zero-Day Under Attack 71

msm1267 writes: Adobe has released an emergency patch for a Flash zero-day used in targeted attacks by APT3, the same group behind 2014's Clandestine Fox attacks. Adobe said Flash Player 18.0.0.161 and earlier for Windows and Macintosh systems are affected, as is 11.2.202.466 for Linux 11.x versions.

The current iteration of Clandestine Fox attacks shares many traits with last year's attacks, including generic, almost spam-like phishing emails intent on snaring as many victims as possible that can be analyzed for their value before additional attacks are carried out. The two campaigns also share the same custom backdoor called SHOTPUT, as well as an insistence on using a throwaway command and control infrastructure.
This discussion has been archived. No new comments can be posted.

Emergency Adobe Flash Patch Fixes Zero-Day Under Attack

Comments Filter:
  • Comment removed based on user account deletion
    • by iMouse ( 963104 )

      We started seeing exploits of Flash Player (CVE-2015-3105) containing CryptoWall payloads last week. This new one probably has the ability to carry out a very similar payload, but is instead concentrating on backdoor access, potentially for botnet building or data extraction.

  • disable flash! (Score:5, Insightful)

    by Gravis Zero ( 934156 ) on Tuesday June 23, 2015 @01:48PM (#49971787)

    i said it before [slashdot.org] and i'll say it again.

    there are very few reasons to keep flash installed/enabled. if you must have it, use flashblock but chances are you can just disable/remove it completely. if some site still uses flash to play video, leave a complaint in the comments. those that haven't switched to html5 yet will do so soon enough.

    if you still have java plugin installed, you better have a good reason because no (sane) sites use that shit.

    • Disabling since 2011 and very unhappy with site adoption. At least if the site is popular, its targeted with 3rd party software, like twitch for example.

    • Yep. Keeping flash installed and running on your computer is like going around licking people in the infectious disease ward in the hospital.
    • Comment removed based on user account deletion
    • by gweihir ( 88907 )

      You are quite right. Flash is un-fixable. I de-installed and disabled it some months ago because I was finally fed up.

    • by Kjella ( 173770 )

      Click to play will protect you against most exploits, since they usually depend on either a) redirects to random malware page or b) infecting ad banners. Sadly there's a lot of decent content built on last decade's technology. And some that are adopting that tech today, but I can't really say more....

      • Except for exploits, including the one in the article, which use Flash embedded in Word and other documents sent by email. The HTTP browser isn't the only application which can use Flash content.
    • Except for work computers, which almost always require at least one annoying thing per year which needs Flash ... I've had Flash disabled or simply not installed for as long as there has existed Flash.

      Because it's been a horribly broken security hole since it has existed.

      My solution to broken videos that require Flash? I simply don't give a damn.

      I'm sure there are things people feel they can't live without that require Flash ... for me, I have yet to find a single one.

      After over a decade of simply not usin

    • I finally removed Flash two weeks ago. Even with white-listing and Flashblock/Click-to-Enable, the few video sites and online apps that use it weren't worth the continued risk of having it installed. Occasionally I run across a site that requires Flash, but these are rare enough that I can skip by the site without too much worry (if I really /really/ need to access a Flash-enabled site, I'll just fire up a virtual image and install Flash on that).

      Only downside is that controls for HTML5-video aren't quite

  • Fuck. Another goddamn Adobe update? Fuck Adobe updates.
    • Fuck. Another goddamn Adobe update? Fuck Adobe updates.

      Are you new to Adobe, Windows, or just computers in general?

      Dunno how the hell you're gonna survive the future when your fucking toilet is gonna need a weekly update to avoid those shitty vulns.

      Yeah, yeah, yeah...I know it's just a smart toilet. It was in the EULA. Right there on page 743. You should learn to read those things.

      • Yeah, yeah, yeah...I know it's just a smart toilet. It was in the EULA. Right there on page 743. You should learn to read those things.

        You may be joking, but now I'm really wondering if toilets in Japan can have their firmware updated, etc.

    • by Megane ( 129182 )
      I just got an update downloaded like two days ago for 18.0.0.160 and hadn't installed it yet. Now it's already two numbers obsolete? And the number one use of this festering pile is to deliver ads that take over your page and scream at you.
    • by Mashiki ( 184564 )

      Oh it gets better. Since the last release, they now force mcafee on you. [imgur.com]

    • by gnupun ( 752725 )

      If only Flash had been implemented in a safer programming language, like Pascal, these bugs would've been rare and few. But all the macho programmers love C/C++, so more vulnerabilities and updates for you every day.

  • by Anonymous Coward

    Youtube uses HTML5 now. Why does anyone still have a reason to use flash? (I mean besides for watching pr0n, which you do inside a virtual machine, and you restore to a checkpoint afterwards to completely avoid any possibility of malware infestation or cross-session cookies, right?)

    tl;dr: Uninstall flash. You don't need it anymore.

    • by Anonymous Coward

      vmware vsphere is still flash based

    • You can get porn over HTML5.

      But Hulu and Netfllix both still require 3rd party plugins (Flash, Silverlight)... if I recall correctly.

    • by Gizan ( 3984275 )
      Youtube isnt HTML5 default like it claims, i recently had problems with youtube after new chrome install, and it was still on flash, now i have it forced to html5.
    • by ShaunC ( 203807 ) on Tuesday June 23, 2015 @07:21PM (#49973865)

      Youtube uses HTML5 now. Why does anyone still have a reason to use flash?

      Most functionally useful weather radars, including NOAA's, require Flash. My state's Department of Transportation uses Flash for their traffic cameras. Livestream.com, which hosts my local TV news broadcasts along with other stuff like SpaceX launches, is still Flash. And if I want to view any cable TV programming on the computer, Comcast's player is Flash based.

      I'd love to have uninstalled Flash a long time ago; for the time being I have to keep it around and use Flashblock.

    • by MrL0G1C ( 867445 )

      Except for some youtube embeds - they still require flash to use. I have to enable flash for pages pretty regularly.

  • need to crush their candy and blitz their jewels.
  • How does Adobe distinguish between 'normal' and 'emergency' when it comes to attacks facilitated by the Adobe Malware Runtime?
  • by gweihir ( 88907 ) on Tuesday June 23, 2015 @02:17PM (#49971961)

    I have de-installed the "Flash" malware some time ago and it will _not_ find its way on my computer again. This thing is a solution for nothing, but a persistent problem. It really is a pity, Adobe used to make good software. Not anymore.

  • I look forward to the Flash programmers soon being tried for their crimes against humanity.

    Hmm. Maybe not, as it will probably be broadcast using Flash.
  • by SeaFox ( 739806 )

    If they were a female hacker group, they should haven take the name APT3-G [wikipedia.org]. That would have made the "Clandestine Fox" attack even more deliciously-named.

  • Drives me nuts ever week or so asking me to install updates. It's a stupid pop-up updated app that gets triggered when a page with flash is loaded.

    Yes I understand that running a browser non-stop for weeks goes against their updating philosophy. Too bad. The constant "Update now!" alerts just make their users more likely to fall for phishing scams.

    Instead, if you can't update your plugin on already loaded pages... Refactor your app.

    Make the bit loaded by the browser a wrapper that can allow its back end to

  • Mozilla couldn't run a piss-up in a brewery these days, I went to the plugin check page and it is broken, no plugin check, no link to adobe.

  • Despite me or my predecessor not loading Flash onto any systems we images and put out, I found it's on about 85% of our user's systems. Today I finally caved after seeing this and pushed the latest MSI from Adobe with this patch included out via GPO. Nearest I figure you're better controlling the beast than letting it run rampant and make sure users stay up to date. Tomorrow I will checking with management and pushing Chrome MSI as well to force users to use Chrome for all non local-Intranet sites.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...