Nork hackers exploit Flash bug to pwn South Koreans. And Adobe will deal with it next week
Maybe it's a good time to just delete the thing
Posted in Security, 1st February 2018 21:51 GMT
Adobe will next week emit patches to squash a security bug in Flash that can be exploited by malicious webpages and documents, when opened, to hijack and spy on vulnerable computers.
The flaw is being abused right now by North Korean hackers to infect victims' PCs. You should update your browser or Flash installation – if you're still using Flash – as soon as the fix lands so other miscreants can't exploit the vulnerability and potentially commandeer your machine.
The programming cockup (CVE-2018-4878) came to light after South Korea's Computer Emergency Response Team found malicious code hiding in Microsoft Office documents, web pages, and spam emails, that exploits the Flash bug to infect Windows PCs with malware.
According to Simon Choi, director of the security research center at Korean infosec biz Hauri, the security hole is being abused by North Korea to spy on those in the South investigating the hermit nation's dictatorship. Victims are tricked into opening dodgy Microsoft Office spreadsheets that hack the PC via the Flash hole:
Flash 0day vulnerability that made by North Korea used from mid-November 2017. They attacked South Koreans who mainly do research on North Korea. (no patch yet) pic.twitter.com/bbjg1CKmHh— Simon Choi (@issuemakerslab) February 1, 2018
Adobe today said it is working on a patch that should be released "during the week of" February 5
All versions of Flash are vulnerable to the aforementioned issue. The Photoshop maker said that – so far – only Windows machines have been attacked, although Windows, Macintosh, Linux, and Chrome OS systems are potentially vulnerable.
Now's a good time to ensure Flash is set to only play when specifically told to – so-called "click to run" – so that malicious Flash files invisibly embedded in documents and webpages can't silently kick off without you knowing. There are other mitigations listed here.