
History of Flash: Zero day and other vulnerabilities

  • Posted on: February 6, 2015
  • Posted in: Current News, Industry News
  • Posted by: Trend Micro

In recent years, the Adobe Flash Player has been a magnet for cyber criminals. The platform has been exploited and utilized as a launchpad for attacks on users, and several zero-day vulnerabilities have been discovered, including two identified in 2015. Because the media player has a considerable number of users, chances are good that it will continue to be a high-value target in the near future as well.

2015 brings two zero day discoveries
Flash began the year with several difficulties, including the discovery of two zero-day vulnerabilities within the first few weeks of 2015. According to Trend Micro, the first threat was uncovered toward the end of January and impacted users of Adobe Flash Player for Microsoft Windows.

This weakness enabled attackers to run specific code or entire software programs on victims’ computers, taking control of the system as if they were the device owners.

“Anything you can do on your computer, the attacker’s program can do,” Trend Micro stated in a release. “In a worst case like this, they can load malware on your computer.”

Attacks on this initial vulnerability also leveraged the Angler exploit kit, which let them spread more quickly than they would have without it. Adobe did eventually release a patch for this weakness, which underscores how important it is to keep systems as up to date as possible.

At the beginning of February, Trend Micro announced that yet another zero-day exploit had been discovered in connection with Flash. This time, the vulnerability was used in advertisements containing malware. The vulnerability, designated CVE-2015-0313, was also exploited through the Angler exploit kit and was similar to the other zero day discovered earlier this year.

Trend Micro had been tracking this exploit since mid-January, and discovered peaks in traffic connected with this weakness on or around Jan. 27. Many of the users who were encouraged to visit the malicious URL were based in the U.S., and as of Feb. 2, there were a total of 3,294 hits to the server connected with CVE-2015-0313. Adobe also released a patch for this vulnerability, which came about a week after its discovery.

2014 vulnerabilities: Fiesta exploit kit
Last year saw a number of Flash-based vulnerabilities as well, including one using the commercial exploit kit Fiesta, according to PCWorld. This weakness, subsequently named CVE-2014-0569, was patched by Adobe, but many users did not install the patch before they were targeted and attacked by cyber criminals.

This weakness was initially uncovered by Kafeine, an online researcher, who thought the exploit targeted an earlier-patched vulnerability, but another researcher from F-Secure found that it was targeting a newer issue. Kafeine also noted that the speed at which the exploit was included in the well-known Fiesta kit signaled considerable connections on the part of the hacker who created it.

“Kafeine expressed surprise that a CVE-2014-0569 exploit landed in Fiesta so quickly,” wrote PCWorld contributor Lucian Constantin. “Either the author has some really skilled contacts or someone might have been induced by money to break a non-disclosure agreement.”

One of the biggest issues seen with this vulnerability was the fact that so many users were attacked even after a patch was released. Constantin noted that this weakness was used in several large-scale attacks only a few days after the patch was made available. This once again demonstrates the importance of keeping systems up-to-date. Adobe has released a number of patches for the range of vulnerabilities that have been discovered, and ensuring that these patches are put in place as soon as possible can help mitigate the possibility of an attack.

Another vulnerability discovered in early 2014 was similar to the one uncovered this year in that it allowed hackers to take over the systems of their victims. This attack, however, impacted users of the Windows, Mac and Linux operating systems, according to security expert Brian Krebs. Adobe released an unscheduled patch to prevent attacks for all three OSs.

2013 vulnerability: Adobe releases emergency update
Security researchers discovered other vulnerabilities in early 2013, causing Adobe to make an emergency update available to patch the two weaknesses, Ars Technica reported. The vulnerabilities targeted Mac users and enabled hackers to exploit online activities and install malicious programs on victims’ devices. Although researchers only found instances of attack involving OS X users, updates were offered for Linux and Android systems as well.

Ensuring systems are up to date for security
Overall, Flash’s history of zero-day and other vulnerabilities illustrates just how important it is to ensure that systems are up to date. Although users still risk attack and infection with zero-day weaknesses, individuals should install patches as soon as they are released to help prevent any malicious activities from taking place on their machines. Trend Micro also suggested that users consider disabling their Flash Players at the first notice that a zero-day vulnerability has been discovered. This will ensure that hackers are unable to target their systems, and the platform can be enabled after an Adobe update has been released and downloaded.
