You can now find Cyber Kendra on Google News | Telegram

Adobe Flash Zero-Day found in Hacker team leaked Data

Adobe Flash Zero-Day found in Hacker team leaked Data, adobe zero-day exploit in hacker team, leaked data exposed adobe zero-day, security if adobe flash, vulnerability on adobe flash, hacker team hacked
In the recent security breach of Hacker Team where 400 GB of data exposed, the leaked data shows many new and confidential information about the surveillance software firm.

After analyzing the leaked data, experts have found that Hacker Team had three software exploit where two is of Adobe and one is of windows.

Out of two, one of the Flash Player vulnerabilities, known as Use-after-free vulnerability with CVE-2015-0349, has already been patched. But the another one is Zero-day exploit and was in the adobe flash software, last from four years.

"Symantec has confirmed the existence of a new zero-day vulnerability in Adobe Flash which could allow attackers to remotely execute code on a targeted computer," they wrote in a blog post published Tuesday. "Since details of the vulnerability are now publicly available, it is likely attackers will move quickly to exploit it before a patch is issued."

Till yet there is no indication the vulnerability is being actively exploited at the moment, but it might get in wild soon.

Adobe officials are aware of the finding and expect to release a fix on Wednesday. But Until a fix is installed, readers should consider disabling Flash, particularly when browsing websites they are unfamiliar with.

Researchers found that the POC if the adobe flash zero-day successfully worked on the most latest, fully patched version of Adobe Flash (version with Internet Explorer.

Moreover another zero-day exploit is in windows kernel. The technical analysis of the exploit leaked from Hacking Team, which is available here, indicates the vulnerability is in every version of Windows since Windows XP. The so-called escalation of privileges exploit could be used in combination with another exploit to increase an attacker's access to a targeted machine.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.