Adobe has finally released a critical security update patching a zero-day vulnerability in its Flash Player that has been linked to North Korean government hacking groups and has reportedly been exploited since November.
After the flaw was uncovered, the South Korean Computer Emergency Response Team (KR-CERT) warned citizens of the bug. Tracked as CVE-2018-4878, it was thought to allow hackers to take advantage of Office documents with embedded malicious Flash content distributed via email.
The South Korean authorities believed that hackers associated with the authoritarian government in Pyongyang were using the zero-day vulnerability to launch attacks on South Korean researchers working on projects about North Korea.
Simon Choi, a security researcher based in South Korea, has recently spent much of his time exploring the flaw and said last week that he believes North Korean hackers first started using it as long ago as November 2017.
"Flash zero-day vulnerability made by North Korea has been used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea," he wrote on Twitter at the time.
After acknowledging the flaw last week, Adobe has finally published an updated advisory, issuing a fix for the problem, stating it was "aware of a report that an exploit for CVE-2018-4878 exists in the wild, and is being used in limited, targeted attacks against Windows users".
It continued: "These updates address critical vulnerabilities that could lead to remote code execution in Adobe Flash Player 188.8.131.52 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system."
Along with the fix to CVE-2018-4878, Adobe's latest release also fixes CVE-2018-4877, which is also rated critical and can enable attackers to execute code remotely. The discovery of this flaw is credited to "bo13oy" of Qihoo 360's Vulcan Team, working alongside Trend Micro's Zero Day Initiative.
However, Adobe reckons the latter vulnerability hasn't yet been used in any known attacks.