Hackers Exploiting Latest Adobe Flash Bug On Large Scale

Outsmart Malicious Hackers


It’s very out of character for Adobe – but they’ve actually released two out of band patches in the last week or so.

They’ve had to patch 4 times in the past 2 months – that’s a total of 6 times in 2011 so far – with 5 out of those 6 being for critical bugs.

It seems like Flash has become a major target for hackers in the past 6 months or so, despite the fact that Adobe has worked with Google to sandbox Flash in the Chrome browser.

Hackers are aggressively exploiting a just-patched Flash vulnerability, serving attack code “on a fairly large scale” from compromised sites as well as from their own malicious domains, a security researcher said Friday. The attacks exploit the critical Flash Player bug that Adobe patched June 14 with its second “out-of-band,” or emergency update, in nine days.

“CVE-2011-2110 is being exploited in the wild on a fairly large scale,” said Steven Adair, a researcher with the Shadowserver Foundation, a volunteer-run group that tracks vulnerabilities and botnets. “In particular this exploit is showing up as a drive-by in several legitimate websites, including those belonging to various NGOs [non-government organizations], aerospace companies, a Korean news site, an Indian government Web site, and a Taiwanese university.”

CVE-2011-2110 is the identifier for the Flash vulnerability assigned by the Common Vulnerabilities and Exposures database. Attackers are also using the exploit in “spear phishing” attacks aimed at specific individuals, said Adair on the Shadowserver site. Adair called the attacks “nasty” because the exploit “happens seamlessly in the background,” giving victims no clue that their systems have been compromised.

The CVE ID for this vulnerability is – CVE-2011-2110 with the NVD listing stating:

Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.

Sounds pretty nasty, at least the patch is out for it – but as usual, how many people will apply it in a timely fashion?


When Adobe patched the vulnerability last week, it conceded that exploits were already in use.

Adair also said there’s been an increase in Flash-based attacks. “There has been an ongoing assault against Flash Player for several years now, but especially so in the last three months,” Adair said.

Adobe has patched Flash Player four times in the last two months, and six times so far this year. Of the six updates, five addressed “zero-day” bugs that attackers were already exploiting at the time the patches were issued.

Brad Arkin, Adobe’s director of product security and privacy, acknowledged the problems in keeping ahead of attackers, but blamed the popularity of Flash Player for the attention.

“The installed base [of Flash Player] is a real big part of it,” said Arkin. “It’s such a widely distributed technology that attackers find it worthwhile to invest the time to carry out some kind of malicious activity. They’re making an investment for the biggest return possible.”

Arkin also argued that attackers get more bang for their buck by rooting out Flash vulnerabilities than they do looking for bugs in individual browsers because virtually every personal computer has the Flash plug-in installed. “Flash is the code [used in the browser] that has the highest market penetration,” he said.

According to Adair, the exploit of CVE-2011-2110 has been in use since June 9, five days before Adobe issued its latest security update. Arkin corroborated that timeline.

Adobe does claim to be more pro-active about patching than Microsoft – which honestly isn’t really hard is it? Brad Arkin the head of security said:

I think we’re more aggressive than Microsoft, basically, if we have information about attacks in the wild, or if the information is out there on a mailing list — which means attacks are imminent — that tends to be a trigger for us to think about an out-of-band.

Do note they said ‘think’ about a patch though and not ‘issue’ one.

Source: Network World

Posted in: Exploits/Vulnerabilities

, , , , , , , ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


2 Responses to Hackers Exploiting Latest Adobe Flash Bug On Large Scale

  1. X June 22, 2011 at 9:09 am #

    And yet Flash’s auto update feature only checks once a week.

  2. NNM June 23, 2011 at 2:45 pm #

    I have a dream… That one day Adobe goes out of business….