MyCERT Advisories

MyCERT Advisories, Alerts and Summaries for the year 2012

MA-310.052012 : MyCERT Alert - Critical Vulnerability in Adobe Flash Player

Date of publication: 2012-05-04

1.0 Introduction

A critical vulnerability (CVE-2012-0779) has been identified in Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux, Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x.

This vulnerability allows a remote attacker to execute arbitrary code on a vulnerable version of Adobe Flash Player. User interaction is required: the user must visit a malicious website that embeds a specially crafted SWF file. The vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system.

According to Adobe, there are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. [1]

2.0 Impact

By exploiting this vulnerability, an attacker could execute arbitrary code on vulnerable installations of Adobe Flash and gain the same privileges as the user. The vulnerability could be exploited to install malware on the user's computer.

3.0 Affected Products

The products listed below are affected by this vulnerability:

  • Adobe Flash Player 11.2.202.233 and earlier versions for Windows, Macintosh and Linux operating systems
  • Adobe Flash Player 11.1.115.7 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and 2.x
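A version check against the ranges listed above, as an added example that is not part of the MyCERT advisory: it classifies inventory rows by comparing the installed Flash Player version with the last affected build for each platform. The inventory columns, host names and sample versions are constructed, and the comparison relies only on the advisory's "and earlier versions" wording.

```python
import csv
import io
import re

# Last affected build per platform group, as listed in the advisory.
LAST_AFFECTED = {
    "desktop": (11, 2, 202, 233),    # Windows, Macintosh and Linux
    "android4": (11, 1, 115, 7),     # Android 4.x
    "android2_3": (11, 1, 111, 8),   # Android 3.x and 2.x
}

def parse_version(text):
    """Parse '11.2.202.233' or the comma form '11,2,202,233'; None if malformed."""
    m = re.fullmatch(r"(\d+)[.,](\d+)[.,](\d+)[.,](\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def platform_key(os_name, os_version):
    """Map an inventory OS to one of the advisory's platform groups, else None."""
    os_name = os_name.strip().lower()
    if os_name in ("windows", "macintosh", "linux"):
        return "desktop"
    if os_name == "android":
        major = os_version.strip().split(".")[0]
        return {"4": "android4", "3": "android2_3", "2": "android2_3"}.get(major)
    return None

def classify(os_name, os_version, flash_version):
    """Return 'affected', 'not affected', or 'review' for input the advisory does not cover."""
    key = platform_key(os_name, os_version)
    version = parse_version(flash_version)
    if key is None or version is None:
        return "review"
    # Tuple comparison implements "this build and earlier versions".
    return "affected" if version <= LAST_AFFECTED[key] else "not affected"

# Constructed sample inventory (hypothetical hosts, columns and versions).
SAMPLE = """host,os,os_version,flash_version
ws-01,Windows,7,11.2.202.233
ws-02,Linux,,"11,2,202,999"
tab-01,Android,4.0.4,11.1.115.7
ph-01,Android,2.3.6,11.1.111.9
kiosk-01,Solaris,10,11.2.202.223
"""

def triage(inventory_csv=SAMPLE):
    """Classify every row of a CSV inventory; returns {host: status}."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["os"], r["os_version"], r["flash_version"]) for r in rows}
```

Rows marked `review` are platforms or version strings the advisory does not list and need a manual check.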

4.0 Recommendation

MyCERT recommends that users of Adobe Flash Player upgrade to the newest version by downloading it from the following URL:

Users may also consider using a vulnerability management tool such as Secunia to ensure that all applications are updated:

Users of Adobe Flash Player 11.1.111.8 and earlier versions for Android 3.x and earlier versions should update to the latest version by browsing to the Android Marketplace or Google Play on an Android device at

MyCERT generally advises users to keep themselves updated with the latest security announcements by the vendor. Members of the public who receive a suspicious URL or .SWF file and require further analysis can reach us through the following channels:

E-mail : mycert@mycert.org.my
Phone : 1-300-88-2999 (monitored during business hours)
Fax : +603 89453442
Handphone : +60 19 2665850 (24x7 call incident reporting)
SMS : CYBER999 REPORT <EMAIL> <COMPLAINT> to 15888
Business Hours : Mon - Fri 08:30 - 17:30 MYT
Web: http://www.mycert.org.my

5.0 References

[1] https://www.adobe.com/support/security/bulletins/apsb12-09.html