Monday, May 16, 2022

Flash Player Exploits used by Malicious Word Documents

Researchers have discovered directed attacks exploiting the Flash Player bug Adobe patched just last week.

Adobe patched the remote code execution vulnerability (CVE-2012-1535) in Flash Player which could cause the application to crash and possibly admit an attacker to take hold of the compromised computer last Tuesday as part of its regularly scheduled update. At the time, the company alleged there were accounts of the exposure being exploited in the wild in “limited attacks” using malevolent Word documents.

Symantec investigators have noticed such attacks since August. 10th, Symantec’s Bhaskar Krishna wrote of the occurences the Symantec news blog.

The Word document incorporates a malicious SWF file with ActionScript that applies heapspraying methods utilizing embedded shellcode, Krishna said. The Flash exploit is triggered by a font file.

“A large number of attacks were sent on August 13,” Krishna found.

Adobe fixed just one vulnerability in Flash over a week ago, and followed through with a greater security update this week fixing six additional issues in Flash Player across all platforms.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …