Saturday 27 June 2015

Trend Micro: New Flash Vulnerability Same Reason As Earlier Leak


The latest vulnerability in Adobe Flash Player which this week an emergency patch appeared to have the same cause as previous vulnerabilities in the popular browser plug-in. This enables the Japanese anti-virus company Trend Micro after analysis. This week, the vulnerability was with he CVE number 2015-3113 patched after the leak was previously used in targeted attacks. According to researchers, the leak is very similar to CVE-2015-3043 that Adobe patched in April.

Both vulnerabilities cause a buffer overflow. It also appears that an exploit for the vulnerability also published in April version 18.0.0.160 could crash (the latest Flash Player version before the emergency patch released this week). Both vulnerabilities are caused handle FLV with the Nellymoser audio codec and can be attacked through a specially prepared audio tag of an FLV file.

"This incident shows how important it is carefully developing patches to prevent vulnerabilities patched at a later time be attacked again," said the researchers. Which argue that software developers need to perform regression tests to ensure that old bugs are not a threat to new versions of the software.

E-mail

It was already known this week that the attackers left in emails used to lure targets to a malicious page where the Flash Player flaw was then attacked. Security company Websense says that the emails had used the subject line "2015 Program Kick Off". The text stated that the recipient was invited to a meeting. Through the attached link could be found more information about the meeting. The attackers would have mainly focused on the technological and scientific sectors.

No comments:

Post a Comment