RV_ Posted December 5, 2018 Report Share Posted December 5, 2018 For Windows 10 users this update is available in Windows updates now. Flash has an out of cycle update for a serious vulnerability: Adobe releases out-of-band security update for newly discovered Flash zero-day Zero-day spotted embedded in malicious Office documents uploaded on VirusTotal. Excerpt: "Adobe released patches today for a new zero-day vulnerability discovered in the company's popular Flash Player app. The zero-day has been spotted embedded inside malicious Microsoft Office documents. These documents were discovered last month after they've been uploaded on VirusTotal, a web-based file scanning service, from a Ukrainian IP address. According to reports from Gigamon (formerly ICEBRG) and Chinese cyber-security firm Qihoo 360 Core Security, the two companies which spotted the documents, the zero-day was embedded as a Flash Active X object inside a Word document designed to look like a seven-page employment application for a Russian state healthcare clinic. If victims who received the documents allowed the Flash Active X object to execute, researchers said the malicious code would escalate its access from the Office app to the underlying OS. Here it would drop a JPG file, then unzip another RAR file attached at the end of this JPG file to drop an EXE file on the victim's PC, and then run this file (a basic barebones backdoor trojan). Researchers said this zero-day was capable of running on both 32-bit and 64-bit architectures." More here in the original article: https://www.zdnet.com/article/adobe-releases-out-of-band-security-update-for-newly-discovered-flash-zero-day/?promo=404&tag=nl.e404.em&ttag=e404&s_cid=e404&ftag=CAD-04-10aag0g&cval=cnet-nl-zd&regId=MjA2NDA1NjI0MTM4ODQzODU4MTc4MDc0NzE1ODEwMzE%3D&bhid=20640562413884385817807471581031 And this: Cyber-espionage group uses Chrome extension to infect victims Suspected North Korean APT uses Google Chrome extension to infect victims in the academic sector. https://www.zdnet.com/article/cyber-espionage-group-uses-chrome-extension-to-infect-victims/?promo=404&tag=nl.e404.em&ttag=e404&s_cid=e404&ftag=CAD-04-10aag0g&cval=cnet-nl-zd&regId=MjA2NDA1NjI0MTM4ODQzODU4MTc4MDc0NzE1ODEwMzE%3D&bhid=20640562413884385817807471581031 RV/Derekhttp://www.rvroadie.com Email on the bottom of my website page.Retired AF 1971-1998 When you see a worthy man, endeavor to emulate him. When you see an unworthy man, look inside yourself. - Confucius “Those who can make you believe absurdities, can make you commit atrocities.” ... Voltaire Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.