Simple Cyber Defense

Adobe patch to tackle Flash zero-day


There has been a discovery of another vulnerability in the Adobe Flash Player. The origins of this vulnerability is suspected to be from North Kora. The vulnerability work as follows:

Cisco Talos researchers have set out the exploit workflow used for the Adobe Flash zero-day.

Image: Cisco Talos

Luckily both Adobe and Microsoft has worked to get patches out to address this issue. (more information can be found at Adobe and Microsoft pages) More on this topic can be found at ZDNet.

It is highly recommened to install patches from both Adobe and Mcrosoft (if running Windows OS) to protect from the Flash vulnerabilities. For best protection it is recomended to not have Flash installed at all. However, if Flash is needed you DEFINITELY want to be running a Flash Blocker on your web browser. If you are using Microsoft Office you should update to the recent version of Microsoft Office and use the “Protected View”. This will notice when a document is obtained online and raises its shields. To turn this feature on go to File / Options / Trust Center / Trust Center Settings /Protected View.

[x] Enable Protected View for file originating from the Internet.
[x] Enable Protected View for file located in potentially unsafe locations.
[x] Enable Protected View for Outlook attachments.
Sources: ZDNet, Adobe, Microsoft, and GRC