Adobe Fixes 69 RCE Flaws As New Flash Zero Day Emerges

Adobe has patched 69 flaws in Reader, Acrobat and Flash, but it is unclear whether the company has fixed yet another zero-day vulnerability in the latter, which researchers claim is being used in the ‘Pawn Storm’ phishing campaign.

Pawn Storm is well known for its high-profile targets and researchers at TrendMicro note the URLs hosting the exploit are similar to those used in attacks targeting NATO and the White House earlier this year. TrendMicro has been monitoring the campaign for some time.

Pawn Storm

“In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe,” said the security firm. “The targets received spear phishing e-mails that contained links leading to the exploit. The emails and URLs were crafted to appear like they lead to information about current events.”

Examples of such subjects included “Suicide car bomb targets NATO troop convoy Kabul”, “Syrian troops make gains as Putin defends air strikes”, “Israel launches airstrikes on targets in Gaza”, “Russia warns of response to reported US nuke build-up in Turkey, Europe” and “US military reports 75 US-trained rebels return Syria.”

“Foreign affairs ministries have become a particular focus of interest for Pawn Storm recently,” added the firm. “Aside from malware attacks, fake Outlook Web Access (OWA) servers were also set up for various ministries. These are used for simple, but extremely effective, credential phishing attacks. One Ministry of Foreign Affairs got its DNS settings for incoming mail compromised. This means that Pawn Storm has been intercepting incoming e-mail to this organisation for an extended period of time in 2015.”

Adobe updates

The researchers say the flaw affects at least versions 19.0.0.185 and 19.0.0.207 of Flash and have notified Adobe. However, it is unclear whether the raft of updates has repaired the vulnerability. Adobe says none of the bugs it has identified have been seen in the wild, although one bug reported by TrendMicro has been fixed. TechWeekEurope has asked Adobe for clarification.

All the patches are deemed ‘critical’ because they could allow a remote attacker to take control of a system.

“APSB15-24 for Reader and APSB15-25 for Flash address a number of critical vulnerabilities (over 50 for Reader) that would allow an attacker to execute code within the context of the user,” said Wolfgang Kandek, Qualys CTO. “Flash we recommend patching immediately. On the other hand Adobe’s Sandbox has been providing additional hardening to its PDF Reader and it has been over a year since we have seen PDF files used in exploits in the wild. Patch within your normal patch cycle.”

The bugs will do nothing to calm fears about the security of Flash, which has been blocked by default, albeit temporarily, in Firefox, while adverts using the software are automatically paused in Google Chrome.

Facebook’s new chief security officer Alex Stamos has also called on Adobe to set an end of life date for the much-maligned plug-in due to the sheer number of security threats.

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.
