Flash Player Zero-Day

A zero-day vulnerability is a software defect that doesn’t yet have a patch from the vendor. One of these currently exists for Adobe Flash Player, and it is being actively targeted by a working exploit. This particular defect (CVE-2018-4878) is a use-after-free vulnerability which allows remote code execution. This means that Flash Player tries to read instructions from a memory address that is no longer valid, and that the exploit is able to put malicious code at that memory address, causing Flash Player to execute the malicious code introduced by the exploit.

South Korean security researchers say that North Korea developed this exploit and have embedded it in Microsoft Word documents in an effort to attack South Koreans doing security research on North Korea, and that this has been going on for two or three months.

This zero-day started making news on 1 February, and Adobe says it’ll release a patch the week of 5 February. As in this case, it can take the vendor a while to address a defect like this. So if your character needs to compromise someone’s computer, she might search Dark Web forums for a recent zero-day like this and send it to her target in a phishing email, especially if she knows that her target is not diligent about keeping their computer up-to-date.

And if you use Flash Player, make sure you apply the patch when Adobe releases it. Version is the affected version.


Author: carl

A web programmer and Linux system administrator who would like to be a writer.