Skip to main content

Adobe Flash Vulnerability being used by Ransomware in Malvertising

Last Update Date: 24 Oct 2014 12:08 Release Date: 24 Oct 2014 5633 Views

RISK: Extremely High Risk

TYPE: Attacks - Malware

TYPE: Malware

Security researchers at Proofpoint discovered CryptoWall 2.0 ransomware used malvertising# to infect the computers with outdated Adobe flash players running on Windows.

 

Without having to click on anything, visitors to the impacted websites which serve Adobe Flash enabled embedded advertisement may be stealthily infected with the ransomware which exploits the vulnerability of Adobe flash players (CVE-2014-0556). The impacted websites, including various service pages in the Yahoo, Match.com, and AOL domains, etc, potentially reaching as many as 3 million visitors per day. Similar to the behaviour of other ransomware, CryptoWall encrypts the files in the infected computers and demands the victims paying ransom in exchange of the encryption keys.

 

#What is Malverstising? 

Malvertising (from "malicious advertising") attacks use online advertising channels to infiltrate malware into the computers of unsuspecting users by embedding malicious code within advertisements on legitimate websites.

 


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Adobe Flash Player 14.0.0.179 and prior running on Windows
  • Adobe Flash Player ESR 13.0.0.241 and prior running on Windows
 

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to a fixed version.

Vulnerability Identifier


Source


Related Link