docx documents that contain an embedded Flash video, Zakorzhevsky said. It appears the attacks start with phishing emails in which the victims are sent infected. Shellcode specific to the OS version is then generated and the exploit executes, Zakorzhevsky said. Once the OS check is done, the malware assembles a return-oriented programming (ROP) chain depending on the version of Windows and Flash that is installed. The exploits work against Flash running on Windows XP, Vista, Windows Server 20 R2, Windows 7 and 7 64-bit, Windows Server 2008 R2, Windows 8 and Windows 8 64-bit, and Mac OS X 10.6.8. swf files with identical actionscript code that performs a version check on the victim’s operating system. swf exploits, said Vyacheslav Zakorzhevsky, head of the vulnerability research group at Kaspersky Lab. Kaspersky Lab researchers Alexander Polyakov and Anton Ivanov reported the bug to Adobe after finding a set of new. Flash Player 12.0.0.43 and earlier on Windows and Mac systems are affected as is version 11.2.202.335 on Linux. The attacks appear to be an isolated campaign and there is no connection between these exploits and a new advanced espionage campaign called The Mask that Kaspersky researchers are expected to unveil next week at the company’s Security Analyst Summit.Īdobe issued an emergency patch for the zero-day yesterday CVE-2014-0497 allows an exploit to remotely inject code and control the underlying system hosting the vulnerable software. Exploits for a newly reported zero-day vulnerability in Adobe’s Flash Player drop a password-grabbing Trojan that targets the email and social media accounts of users and organizations in China, researchers at Kaspersky Lab said today.
0 kommentar(er)
