Attackers Target CVE-2012-0754 Adobe Flash Bug

You are currently viewing our forum as a guest. This means you are limited to certain areas of the board and that there are some features you can't use or read.

We are an active community of worldwide senior members participating in chat, politics, travel, health, blogging, graphics, computer issues & help, book club, literature & poetry, finance discussions, recipe exchange and much more. Also, as a member you will be able to access member only sections, many features, send personal messages, make new friends, etc.

Registration is simple, fast and completely free. Why not register today and become a part of the group. Registration button at the very top left of the page.

Thank you for stopping by.

Join our community!

In case of difficulty, email worldwideseniors.org@gmail.com.
If you're already a member please log in to your account to access all of our features:

Attackers Target CVE-2012-0754 Adobe Flash Bug
Topic Started: Mar 6 2012, 08:30 PM (172 Views)
Deleted User	Mar 6 2012, 08:30 PM Post #1
Deleted User	Quote: Monday, March 5, 2012 Attackers Target CVE-2012-0754 Adobe Flash Bug An Adobe Flash vulnerability fixed last month is being used in targeted attacks right now, with attackers attempting to persuade victims to open a malicious Word document that contains the payload for the Flash bug. The vulnerability has been patched for nearly a month, but history has shown that flaws that have been patched for several months or even years are still quite valuable for targeted attacks. Researcher Mila Parkour at Contagio analyzed one of the recent targeted attacks and found that the malicious code attempts to download an MP4 file that looks benign. The subject of the email that contains the exploit is "Iran's Oil and Nuclear Situation" and it includes an attached Word document. If the victim opens the Word file, the Flash code inside tries to download an MP4 file from a remote server. That file contains the actual exploit code that triggers the Flash bug. Story - https://threatpost.com/en_us/blogs/attackers-target-cve-2012-0754-adobe-flash-bug-030512
Deleted User


Deleted User	Mar 6 2012, 08:32 PM Post #2
Deleted User	Quote: Monday, March 5, 2012 Adobe Issues Emergency Fix For Flash Player Vulnerabilities Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player. Adobe on Monday issued two emergency fixes for critical security vulnerabilities in its Flash Player product. The vulnerabilities, if left unpatched, could allow an attacker to take control of a system running a vulnerable version of Flash Player. The Security Bulletin, APSB12-05, includes updates for two vulnerabilities, identified as CVE-2012-0768 and CVE-2012-0769. The company said the holes, reported to Adobe by security researchers Tavis Ormandy and Fermin Serna of Google, affect a wide range of platforms, including Adobe Flash Player 11.1.102.62 and earlier versions for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 11.1.115.6 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.6 and earlier versions for Android 3.x and 2.x. The company said that the holes were Priority 2 vulnerabilities, and said it did not know of any active attacks leveraging the vulnerabilities. Customers were advised to patch vulnerable systems within 30 days Story - https://threatpost.com/en_us/blogs/adobe-issues-emergency-fix-flash-player-vulnerabilities-030512
Deleted User


1 user reading this topic (1 Guest and 0 Anonymous)


« Previous Topic · SOFTWARE & HARDWARE · Next Topic »