Submitted by GrimWillow in security_culture

This is from a security bulletin from Riseup.net about a month ago:


Adobe Flash Advisory

The problem

Adobe Flash is a plugin for most web browsers that allows the browser to display interactive content such as games and videos. In a new vulnerability announced on Monday, Adobe Flash can be tricked by a website you visit or a document you open to allow a remote attacker to take control of your computer.

Who does this affect?

The problem exists in all web browsers that have Adobe Flash, on all operating systems. It also affects Microsoft Office.

By combining this vulnerability with others, an attacker can take total control over your computer, read all your data, capture all your login accounts, spy on you through the webcam, and so on.

What can I do to protect myself?

Disable Adobe Flash immediately. It is a constant source of security holes, and is being discontinued by Adobe.

Until recently, sites like YouTube relied heavily on Adobe Flash. Today, however, you don't need Adobe Flash in order to use most sites with dynamic content or video. Because of this, you should disable or uninstall Flash entirely. If you have some burning reason you need Adobe Flash, you can also upgrade Flash to the new version without the vulnerability.

Disable Flash

  • Chrome: Preferences: Settings > Show advanced settings > Content settings > Flash > uncheck "Allow sites to run Flash".

  • Firefox: Tools: Add-ons > Plugins > Flash > Never Activate.

Uninstall Flash

For instructions on how to uninstall Flash for every browser, see https://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/

Upgrade Flash

See Adobe's security advisory for instructions on how to get a patched release of Flash https://helpx.adobe.com/security/products/flash-player/apsb17-32.html

More information

An attack using this vulnerability in Adobe Flash was observed on October 10 by Kaspersky Lab. The vulnerability was being used to infect the victim's computer with the FinFisher malware. The group behind the attack is believed to be BlackOasis, aka NEODYMIUM, which historically focuses on targeted attacks against civil society actors in Turkey. BlackOasis is classified as an "advanced persistent threat" and is believed by many researchers to be a customer of the Gamma Group, a German and UK corporation with along history of surveillance and monitoring of activists.

For further reading, see:

http://www.securityweek.com/middle-east-group-uses-flash-zero-day-deliver-spyware

https://threatpost.com/adobe-patches-flash-zero-day-exploited-by-black-oasis-apt/128467/

https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

https://en.wikipedia.org/wiki/Gamma_Group

- Riseup.net

6

Comments

You must log in or register to comment.

sudo wrote

I have a few old interactive flash animations from Newgrounds saved on my computer that I just can't bear to get rid of - that's the only reason why I have a (libre) flash interpreter installed. If someone developed a program that would compile an swf program into native x86_64 bytecode, I'd ditch it entirely.

There's no Flash enabled in my browser, of course.

2