Friday, 23 January 2015 20:18

Zero-day vulnerability affecting Adobe Flash on Windows IE, Firefox


A new zero-day vulnerability targeting Flash-based ads seen when browsing with Internet Explorer and Firefox is actively being exploited by cybercriminals - what can you do?

If you’re running Internet Explorer 6 through 11 or Firefox on Windows XP through to Windows 8.1, and have the latest Adobe Flash installed, you’re at risk of getting infected by malware right now.

This is the case even if your operating system and Flash are up to date with all the latest updates and patches, as this is how zero-day vulnerabilities work - Adobe didn’t know there was a flaw and cybercriminals are actively exploiting it.

Trend Micro brought the issue to our attention following a report by a malware researcher named ‘Kafeine’, with Trend Micro seeing the same kinds of malware samples Kafeine had reported on.

Trend Micro says that this new malware is affecting the latest versions of Adobe Flash Player, and that Adobe has yet to release a patch to fix the problem. Attacked systems are being infected with malware that commits ad fraud against ad networks, but Kafeine says the exploit can also be used to install cryptolocker-style ransomware.

The exploit is now part of the ‘Angler Exploit Kit’, which cybercriminals are using to infect computers mostly in the US, with infections also coming from Taiwan, Australia, the UK and elsewhere.

The ad fraud the current exploit is perpetrating sees programs installed which ‘automatically click on certain ads on a certain website, artificially inflating the amount of clicks that ad gets. Since ad networks pay the owner of the website hosting their ads based on the amount of clicks each ad gets, ad fraud games the system by tricking the hapless ad network to pay more.’

This doesn’t necessarily affect users, but as Trend Micro points out, because malware has been installed onto your system, it can be programmed to install other malware in the future - which, in the case of ransomware or other malware nasties, can cause damage to your files, steal your data or worse.

So, how do you get infected? Simply by going to any site on the Internet that has an infected Adobe Flash banner ad.

Trend’s blog states: “What makes this situation more serious is that the attacks we’ve seen are using banner ads (called “malvertisements”) to spread malware. This means that you can go to trusted sites you expect to be safe and still get malware on your system.”

“These attacks work by attackers targeting and compromising the third-party ad servers that offer the ads you see on legitimate and popular sites. This is a particularly nasty form of attack, one that puts average users at great risk.”

Trend Micro has more detail on this malware at its blog post here

Trend recommends either turning off Flash Player, or if you’re not able to disable it, you can install ad-blocking software.

Kafeine notes that MalwareBytes’ free anti-exploit software also blocks this attack. 

While IE and Firefox are affected, Google’s Chrome browser, which has Flash built-in, isn’t being affected by this threat, or at least, isn’t being affected at the moment.

There’s also no indication that Macs running Flash or Android devices still running Flash are affected, but it’s still worth running security software and applying Adobe Flash patches when they become available, although as Flash isn’t supported on Android anymore there presumably won’t be any updates for Android devices still capable of running Flash.

Naturally, Trend Micro also promotes its own security software, stating that any of its customers running Trend Micro Security, Worry-Free Business Security, OfficeScan, Deep Discovery, Deep Security and the Smart Protection Suites are protected against current attacks using this vulnerability.

Other anti-virus companies are presumably acting to provide protection against this exploit, but none beyond Trend Micro have contacted iTWire to alert us of this, so if you’re not running a current and updated version of Trend Micro you might want, at the very least, to get the free MalwareBytes anti-exploit software (linked above) onto your system.




Alex Zaharov-Reutt
