Adobe warning after software firm hacked

Such zero-day attacks are fairly rare; typically, vulnerabilities are reported using “responsible disclosure”, where the details of the bug aren’t made publicly available until after the code has been fixed and an update published. Windows is the predominant operating system used by customers globally, and with the Flash vulnerability, Hacking Team was able to infect Mac OS X and Linux too. Linux users should update to Flash Player 11.2.202.481.

This story was originally posted as “Adobe tackles Hacking Team zero-day vulnerability” on ZDNet. Almost humorously, it also relates to Adobe: it has to do with atmdf.dll, an Adobe font driver which has shipped with all versions of Windows dating back to Windows XP.

“Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system”, read a statement from Adobe. Redmond said that they are already working on a patch for the vulnerability.

The flaw was discovered in the 400GB of data stolen from Hacking Team, a company that makes surveillance software for governments, after it was hacked over the weekend.

As part of the attack, hackers sent a tweet from Hacking Team’s Twitter account that offered a link to 400 GB of the company’s source code, e-mails and internal files. “We believe the overall risk for customers is limited, as this vulnerability could not, on its own, allow an adversary to take control of a machine”, says a Microsoft spokesperson. This is to help them monitor terrorist threats better and to thwart the recruitment of Americans by ISIS through encrypted channels, as the agency’s director James Comey argued. The full repercussions of the leak are not yet known, but Hacking Team’s technology was sold exclusively to governments and their agencies and this technology is now in the wrong hands.

The initial effect of the leak was an embarrassing number of revelations about the actions and clients of the firm, which largely provides software for law enforcement and national security to hack into the computers and mobile devices of targets. Despite past denials of allegations that Hacking Team had provided such tools to governments like Sudan, the Hacking Team leak revealed otherwise.

He said the Hacking Team exploit is reminiscent of the “ActionScript-Spray” attack used in CVE-2014-0322 and first documented by Bromium researcher Vadim Kotov.

Among the leaked files from Hacking Team’s servers were documents explaining pricing for their spyware tools and what could be compromised.
