Patch or ditch Adobe Flash

The place for what's new and going on in the tech, innovation, and science world.

Patch or ditch Adobe Flash

Postby DaFoxx » Tue Apr 10, 2018 3:59 am

Patch or ditch Adobe Flash: Exploit on sale, booby-trapped Office docs spotted in the wild

https://www.theregister.co.uk/2018/04/0 ... t_builder/

In case you needed another reason not to open Adobe Flash or Microsoft Office files from untrusted sources: ThreadKit, an app for building documents that infect vulnerable PCs with malware when opened, now targets a recently patched Flash security bug.

This means less-than-expert hackers can use ThreadKit to craft booby-trapped Office files, and fling them at victims in emails or downloads, so that when they are viewed on unpatched systems, malicious code within the files is executed via the Flash security hole.

Exploit code samples started showing up in the wild a few days ago.

Adobe issued a patch for CVE-2018-4878 in February, warning that an exploit for the vulnerability was circulating via Microsoft Office documents with embedded malicious Flash content

Since the exploit was folded into ThreadKit, examples of fiendish files leverage this latest Flash bug began appearing in antivirus engines.
Beware of Geeks bearing GIF's :mrgreen:
User avatar
DaFoxx
DaBOSS
 
Posts: 8583
Joined: Sun Dec 25, 2005 1:20 am
Location: 3rd Rock from the Sun

Re: Patch or ditch Adobe Flash

Postby rapier57 » Sun Apr 15, 2018 12:13 am

Ditch it. And ditch Java Runtime, as well, if you can.

I've been running without Adobe Flash for some years now and not missing it at all. Of course, I no longer use Windows. Not even in a virtual. I took Java Runtime off my Mac some time ago, as well.

If you run current browsers and OS's, you don't need Adobe Flash since HTML5 renders most video just fine. Java Runtime is problematic in that is allows someone to drop executables to your system and run them. One family member is addicted to Pogo Games. Some of those still require JR to be installed, but Adobe Flash is embedded into IE and Edge, now.
Rapier57.

Jayne: Testing. Testing. Captain, can you hear me?
Mal: I'm standing right here.
Jayne: You're coming through good and loud.
Mal: 'Cause I'm standing right here.


@rapier57
User avatar
rapier57
I've posted HOW many
 
Posts: 3130
Joined: Thu Mar 02, 2006 10:43 pm
Location: Spokane, WA USA


Return to Tech News Zone

Who is online

Users browsing this forum: No registered users and 21 guests

cron