Posts

Adobe Flash Zero Day Exploit

There is a vulnerability available for Adobe Flash Player that means anyone running anything but the latest version of Flash has the risk of being infected by malware when browsing a website. One of the most common ways to get infected these days are by drive-by methods, which means that a common website will unknowingly start serving malware through advertisement systems or by simply getting compromised.

It doesn’t matter if you run MAC OS X, Windows or Linux; Flash is universal and everyone run the risk if they are not keeping up-to-date (same as with Java).

I really wish I could say that this is an uncommon or ground-breaking attack vector, but unfortunately it’s the same as with Java – new exploits are coming every month and those who do not keep up-to-date will get compromised. You can find multiple other entries by, for example, searching for patch tuesday; http://bfblogg.wpengine.com/?s=patch+tuesday

For those who are unsure if they are vulnerable to this, you can browse to this page to see the status of your plugins (should work with all browsers), and update as necessary: https://www.mozilla.org/en-US/plugincheck/

It could even be a good idea to set it as your start-page in order to verify your browser each and every day.

As we mentioned in a previous newsletter ( http://bfblogg.wpengine.com/blog/basefarm-sirt-weekly-newsletter-2/ ), you should really turn on “click-to-play” in your browser for flash and other objects (or use NoScript or something similar, but that’s for more technical people).

I personally recommend using Chrome as your browser. The reason for this is that Flash will auto update itself without you having to do anything, whenever there is a new release. So, those running Chrome does not need to worry about this specific vulnerability.

You can check which version of Flash you’re running by going to this website: http://helpx.adobe.com/flash-player.html

It should say you’re running 12.0.44 if you’re running Mac/Windows, and 11.2.202.336 if you are running Linux.

You can find more information here: http://helpx.adobe.com/security/products/flash-player/apsb14-04.html

Zero-day Microsoft Internet Explorer

A new high risk zero Internet Explorer day exploit is currently being active in the wild.

That means that anyone using Internet Explorer 7,8 or 9 to browse the internet has the potential of getting infected by simply visiting a webpage with the specific bad code in it. The code will then download an exploit pack to your computer and can give the unauthorized people access into the infrastructure.

There is currently no patch or solution to the issue from Microsoft, so the only viable option is to switch to another browser. Thinking “I won’t click any links from unknown people” is unfortunately not enough, as it’s getting more and more common for these kind of people to either hack known sites and add the code, or to purchase banner space etc for well known sites which then launches the code without you noticing anything at all.

Two browsers you could use are:
Firefox: http://www.getfirefoxcom
Chrome: http://www.google.com/chrome/

For more information: http://www.kb.cert.org/vuls/id/480095

Update: Since, Microsoft has released an update. Run Windows Update to get the latest versions available.