Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TWO MORE Flash zero-days emerge in Hacking Team leak crims exploit holes


  • Please log in to reply
20 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 11,734 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:04:18 PM

Posted 12 July 2015 - 05:20 AM

 

Updated Two more serious security holes in Adobe Flash that let miscreants hijack vulnerable computers have emerged from the leaked Hacking Team files – and crooks are apparently already exploiting at least one of them to infect machines.

The use-after-free() programming flaws, for which no patches exist, are identified as CVE-2015-5122 and CVE-2015-5123. They are similar to the CVE-2015-5119 Flash bug patched last week. The 5122 and 5123 bugs let malicious Flash files execute code on victims' computers and install malware. The bugs are present in the Windows, Linux and OS X builds of the plugin.

The 5119, 5122 and 5123 vulnerabilities were documented in stolen copies of files leaked online from spyware maker Hacking Team. The Italian biz's surveillance-ware exploits the vulnerabilities to infect computers, and these monitoring tools are sold to countries including Saudi Arabia, Sudan, Russia and the US.

Everyone with Flash installed should remove or disable the software until the critical security bugs are patched, or at least enable "click to play" in their browsers so that you know exactly what you're running on your system rather than letting websites play malicious Flash files silently in the background without warning or permission.

Adobe said on Saturday that the newly discovered flaws will be patched sometime next week:

http://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/



BC AdBot (Login to Remove)

 


m

#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 08:14 AM

Adobe is on it. Hopefully they'll deliver an update fast.

http://www.zdnet.com/article/adobe-promises-patch-for-latest-wave-of-critical-hacking-team-zero-day-exploits/

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 02:34 PM

Another article about these two exploits:

http://www.zdnet.com/article/two-further-critical-flash-zero-days-appear-from-hacking-team-breach/

Edit time expired on my last post.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#4 O.T.T.

O.T.T.

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:18 AM

Posted 13 July 2015 - 04:56 PM

It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day.

Why do they keep Flash if we have HTML5 ?

 

OTT


Please ask Google why some of my links don't work anymore !


#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 04:59 PM

Ask Zynga to code all their games on HTML5 instead of Flash. It'll take a bit of time eh. But everyone should start working on it right now.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 O.T.T.

O.T.T.

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:18 AM

Posted 13 July 2015 - 05:42 PM

I know... but they should have started yesterday, HTML5 isn't new and flash zero-days aren't also !  :whistle:

 

OTT


Please ask Google why some of my links don't work anymore !


#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 05:44 PM

The end of support announcement for Windows XP wasn't yesterday as well, yet ... :P

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 O.T.T.

O.T.T.

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:18 AM

Posted 13 July 2015 - 05:54 PM

That really made me smile !  :lol: 

 

OTT


Edited by O.T.T., 13 July 2015 - 05:55 PM.

Please ask Google why some of my links don't work anymore !


#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 05:56 PM

At least they expect a fix during this week, hopefully it'll be tomorrow or after tomorrow.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 softeyes

softeyes

  • Members
  • 1,351 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:18 PM

Posted 13 July 2015 - 09:29 PM

 

 

Updated Two more serious security holes in Adobe Flash that let miscreants hijack vulnerable computers have emerged from the leaked Hacking Team files – and crooks are apparently already exploiting at least one of them to infect machines.

The use-after-free() programming flaws, for which no patches exist, are identified as CVE-2015-5122 and CVE-2015-5123. They are similar to the CVE-2015-5119 Flash bug patched last week. The 5122 and 5123 bugs let malicious Flash files execute code on victims' computers and install malware. The bugs are present in the Windows, Linux and OS X builds of the plugin.

The 5119, 5122 and 5123 vulnerabilities were documented in stolen copies of files leaked online from spyware maker Hacking Team. The Italian biz's surveillance-ware exploits the vulnerabilities to infect computers, and these monitoring tools are sold to countries including Saudi Arabia, Sudan, Russia and the US.

Everyone with Flash installed should remove or disable the software until the critical security bugs are patched, or at least enable "click to play" in their browsers so that you know exactly what you're running on your system rather than letting websites play malicious Flash files silently in the background without warning or permission.

Adobe said on Saturday that the newly discovered flaws will be patched sometime next week:

http://www.theregister.co.uk/2015/07/12/adobe_flash_zero_day_cve_2015_5122/

 

 

Hi NickAu..it's July 13, 2015 @ 7:26 PM my time...just found your post.

 

Golly?  I'm surprised that there are not more replies to this post?  I'm feeling like I 'should' be doing something about this?

 

I'm at present working on a Toshiba laptop running OS Vista, using Chrome browser,

 

Thanks.



#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 13 July 2015 - 09:30 PM

Well, since people are already aware that at least one 0-day exploit was leaked following Hacking Team's hack, I guess they aren't surprised to see two more being leaked. And I'm sure they won't be the last ones­.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 NickAu

NickAu

    Bleepin' Fish Doctor

  • Topic Starter

  • Moderator
  • 11,734 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:04:18 PM

Posted 13 July 2015 - 09:40 PM

 

 I'm feeling like I 'should' be doing something about this?

 

How to Protect Yourself from All These Adobe Flash 0-Day Security Holes

.



#13 O.T.T.

O.T.T.

  • Members
  • 172 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:18 AM

Posted 14 July 2015 - 03:32 AM

Things are moving...

 

FireFox Now Blocks Flash By Default just for now.

 

OTT


Please ask Google why some of my links don't work anymore !


#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:18 AM

Posted 14 July 2015 - 05:18 AM

That would explain the issue of two users I'm currently assisting here...

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 JohnC_21

JohnC_21

  • Members
  • 21,650 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:18 AM

Posted 14 July 2015 - 08:08 AM

The fix is out.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users