27 June 2015

Adobe Flash Player is a real source of irritation. New vulnerabilities are continuously made public. In the last three month 64 vulnerabilities were published in the NIST NVD Database, of which 43 with highest severity 10.0.

The latest vulnerability CVE-2015-3113, that potentially allows an attacker to take control of an affected system, is a technically advanced piece of malware. For technical details see the FireEye blog post ‘Operation Clandestine Wolf – Adobe Flash Zero-Day in APT3 Phishing Campaign’.

As usual the attack is started through a phishing email. And, once the attackers got access to the victim’s network, they move laterally through the network in the search of valuable information.

With this we have the first and second line of defense in a prevention strategy: User awareness training to support users in recognizing such attacks, and system isolation to prevent the attackers from moving laterally through the network.

Perhaps it’s time to solve this problem once and for all by uninstalling Flash Player…

Have a good weekend.