CATEGORIES
home News

Surprise, Surprise! Hacking Team Breach Uncovers Yet Another Gaping Hole In Adobe Flash

by Rob WilliamsWednesday, July 08, 2015, 11:15 AM EDT

This week, something nearly as common as breathing happened: a severe Adobe Flash vulnerability was revealed. How this one came to be, however, is far more interesting than most. Earlier this week, a well-known Italian hacking group called 'Hacking Team' was itself hacked. On Monday, the group's Twitter account was hijacked to post a link to a torrent file that includes about 400GB worth of its data. We're now finding out that this data could have huge repercussions for software vendors and regular consumers alike.

Because Hacking Team's efforts largely revolve around exploiting bugs in popular software, it's almost of no surprise to see Adobe Flash listed among those affected. It's also of little surprise that this bug could potentially lead someone to gain control over a machine. As of the time of writing, Adobe hasn't released a patch, but it's working overtime to get one out at some point today.

Adobe Flash Update

From Adobe's security report: "A critical vulnerability (CVE-2015-5119) has been identified in Adobe Flash Player 18.0.0.194 and earlier versions for Windows, Macintosh and Linux. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit targeting this vulnerability has been published publicly. Adobe expects to make updates available on July 8, 2015."

The really dangerous thing about this leak is that it's not just details of the vulnerability that were released, but the tools the group itself uses to exploit it. And, as a reminder, with the torrent file in hand, anyone can get hold of these tools.

Among this repository of nastiness, a Windows kernel-level vulnerability was also discovered. Almost humorously, it also relates to Adobe: it has to do with atmdf.dll, an Adobe font driver which has shipped with all versions of Windows dating back to Windows XP. Microsoft has said that a patch is in the works, although it seems unlikely that Windows XP will be on the receiving end of the fix.

Tags:  Adobe, Flash, security, vulnerability, NASDAQ: ADBE
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment