<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=885880844953016&amp;ev=PageView&amp;noscript=1">

Threat Alert: Adobe Flash Zero-Day CVE-2018-15982

Posted by Morphisec Labs on December 5, 2018 at 7:31 PM

Flash-zeroday-12-2018

Today Adobe disclosed a new Flash zero-day, releasing a patch for the critical vulnerability in an out-of-band update. Successful exploitation gives attackers the ability to execute arbitrary code on the targeted machine, and eventually assume full system control. Morphisec customers are already protected from attacks exploiting this vulnerability.

Background

On November 29, researchers at Qihoo 360 discovered two APT attacks exploiting the zero-day. The attacks use a malicious Microsoft Office document with the zero-day embedded as a Flash ActiveX object and include several evasive techniques to avoid detection by security solutions. At the time of publication, only one of the security solutions on Virus Total was able to stop the exploit. Adobe has assigned the identifier CVE-2018-15982 to the zero-day.

CVE-2018-15982 is yet another use-after-free vulnerability (Morphisec predicted the rise of these types of vulnerabilities in Q1), implemented in a way very similar to CVE-2018-4878. While the trigger is metadata in com.adobe.tvsdk, the code is not obfuscated, easily reproducible and fully contained within a single file. This is very different from many delivery methods of advanced exploits in which the critical exploit component or its decryption key is maintained remotely. This could be due to the need to keep it simple and not trigger security vendors based on obfuscation only.

Potential Impact

This latest Flash vulnerability is likely to become the new favorite of cybercriminals. Most enterprises will not patch the vulnerability for months. Like the Flash vulnerability CVE-2018-4878, we anticipate CVE-2018-15982 will soon become a staple of exploit kits.

Morphisec Prevents Exploitation of CVE-2018-15892

Morphisec customers never had to worry about this zero-day. Watch as our Moving Target Defense technology stops the attack before it can even start. 

 

Contact one of our security experts to learn how Morphisec keeps your business safe from zero-days and advanced evasive attacks.

 

Topics: Threat Alerts, Zero-day, Exploits, Cyber Attacks

Welcome to our Blog

Keeping you in the loop with company updates, industry insight, cyber security trends, and cyber attack information.

Subscribe to the blog

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....

 

Recent Posts

Most Popular Posts