Adobe has suffered another embarrassing attack which exploits their Flash software and this time the malware has been hidden in an Office document.
It seems that almost every week another vulnerability is exposed in Flash, a piece of software which once ruled the internet and powered practically every website worth its salt. However, times change and it’s fair to say that Adobe seem to be constantly fighting to plug the flood of attacks on Flash.
And this recent attack is particularly troubling for businesses as it was delivered in an Office document. Now, you would be hard pushed to find a business which doesn’t handle Office documents, so it’s a good idea you get acquainted with this latest attack.
Flash Gets Attacked (Again)
This latest exploit of a Flash vulnerability (named CVE-2016-4117) was first detected on 8th May 2016. It was an exploit which had not been seen previously, so there were absolutely no patches or fixes in place to prevent the malicious attacks. And this lack of ready-made solutions is why it’s known as a zero day attack.
Once the attackers had identified this exploit, they uploaded their payload onto a web server from where it could be distributed to the whole world. However, for this payload to affect even a single computer, it had to be downloaded to a computer first.
By trading on the naivety of individuals for whom internet security is not a recognized risk, the attackers hid automatic instructions within an Office document which would download the exploit. The simplest way to transmit this malicious code around the world was through email as many users trust the presence of an Office attachment.
However, upon opening the Office document, the automatic code within would be activated and download the exploit from the attackers web server. And, as this code was downloaded, a decoy document would be displayed to prevent detection of any unsavory behavior taking place.
After exploiting this initial vulnerability, the malware would then contact a second web server which could then distribute further instructions. The simplest instruction could be to crash the system resulting in a significant and costly downtime. However, there was also the potential for the attackers to take control of the infected systems and extract data.
Thankfully, for anyone using Flash, Adobe managed to release a fix to the CVE-2016-4117 vulnerability, but this was only after four days of panic. And, believe me, a piece of malware can spread and cause a lot of chaos within four days!
How Many More Attacks Will Flash Absorb?
Attackers currently seem hell bent on using Flash to deliver their nasty payloads and it’s becoming embarrassing for Adobe. Many other software developers – such as Firefox – are now actively preventing the usage of Flash due to the security risks connected to it.
We still have to deal with Flash, though, so vigilance is crucial. And this is why you need to ensure that all your staff is aware of the potential dangers of opening email attachments from unknown sources. Only then will you be able to feel confident that your systems are not going to be compromised.
For more ways to secure and optimize your business technology, contact your local IT professionals.