{"id":85673,"date":"2018-02-03T15:09:38","date_gmt":"2018-02-03T09:39:38","guid":{"rendered":"https:\/\/blogs_admin.quickheal.com\/?p=85673"},"modified":"2018-02-05T11:26:05","modified_gmt":"2018-02-05T05:56:05","slug":"cve-2018-4878-adobe-flash-player-use-free-zero-day-vulnerability-alert","status":"publish","type":"post","link":"https:\/\/www.quickheal.com\/blogs\/cve-2018-4878-adobe-flash-player-use-free-zero-day-vulnerability-alert\/","title":{"rendered":"CVE-2018-4878 &#8211; Adobe Flash Player use after free (Zero Day) vulnerability Alert!"},"content":{"rendered":"<p>The recent zero-day vulnerability <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-4878\">CVE-2018-4878<\/a> in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory <a href=\"https:\/\/helpx.adobe.com\/security\/products\/flash-player\/apsa18-01.html\">APSA18-01<\/a> on February 2, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users.<\/p>\n<p><strong>Vulnerable versions<\/strong><\/p>\n<ul>\n<li>Adobe Flash Player 28.0.0.137 and prior versions<\/li>\n<\/ul>\n<p><strong>About the vulnerability <\/strong><\/p>\n<p>This is a use-after-free vulnerability in Adobe Flash player which allows attackers to perform a Remote Code Execution on targeted machines. After successful exploitation, attackers can take control of the vulnerable systems and download and execute malware on them.<\/p>\n<p>Reportedly, the vulnerability is currently being exploited in the wild through a malicious Office document. This office document is an initial attack vector with embedded malicious Flash file. According to the advisory, the malicious office document was distributed through email.<\/p>\n<p><strong>Quick Heal detection<\/strong><\/p>\n<p>Quick Heal has released the following detection for the vulnerability <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-4878\">CVE-2018-4878<\/a>:<\/p>\n<ul>\n<li>Exp.SWF.CVE-2018-4878<\/li>\n<li>Exp.OLE.CVE-2018-4878<\/li>\n<\/ul>\n<p>Quick Heal Security Labs is actively looking for new in-wild exploits for this vulnerability and ensuring coverage for them.<\/p>\n<p>&nbsp;<\/p>\n<p><strong>Subject Matter Experts<\/strong><\/p>\n<p>Pradeep Kulkarni, Sameer Patil | Quick Heal Security Labs<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions Adobe Flash Player 28.0.0.137 [&hellip;]<\/p>\n","protected":false},"author":31,"featured_media":84800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24,5],"tags":[69,1576,1173,718],"class_list":["post-85673","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-malware","category-security","tag-adobe","tag-cve-2018-4878","tag-exploit","tag-zero-day"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/85673"}],"collection":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/comments?post=85673"}],"version-history":[{"count":6,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/85673\/revisions"}],"predecessor-version":[{"id":85678,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/posts\/85673\/revisions\/85678"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media\/84800"}],"wp:attachment":[{"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/media?parent=85673"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/categories?post=85673"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.quickheal.com\/blogs\/wp-json\/wp\/v2\/tags?post=85673"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}