Adobe Plugs Critical RCE Flash Player Flaw, Update ASAP! Exploitation May be Imminent (Nov 21, 2018)
Adobe has released a patch for a critical flaw in FlashPlayer, registered as “CVE-2018-15981” that could allow for remote code execution. This vulnerability affects Flash Player versions 18.104.22.168 and earlier on Windows, macOS, Linux, and Chrome operating systems. It affects the interpreter code of the Action Script Virtual Machine (AVM) where it does not rest a with-scope pointer when an exception is discovered which causes confusion in the system. A patch has been released for this flaw.
Recommendation: It is imperative to apply this patch immediately because of the “critical” rating of this vulnerability. It is believed that it is only a matter of time before threat actors exploit this flaw in the wild. It is also suggested to disable (or completely remove) Flash Player to prevent any possibility of becoming susceptible to the flaws. Adobe has also announced that it will end support for Flash Player by the end of 2020.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.