On February 1, 2018, the Korea Internet Security Center (KrCERT/CC) reported a zero-day remote code execution (RCE) exploit for the Adobe Flash Player vulnerability CVE-2018-4878 actively being used in the wild. Adobe has since published an advisory and has plans to release a patch the week of February 5.
At the moment, the attack is targeted and is limited to a specific region in East Asia. The reported attack uses a malformed Flash object embedded in a Microsoft Excel document. The same exploit can be embedded in other content that support Flash controls, including web content delivered through web browsers.
Windows Defender Antivirus detects the attack as:
There are several ways that this attack can be mitigated before the patch is available:
For the latest updates, follow @WDSecurity on Twitter.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.