Security News Recently Patched Flash Bug Can Leak Windows Credentials

frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.

The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.

Flaw derived from older vulnerability
The vulnerability was discovered by Dutch security researcher Björn Ruytenberg and is a variation of an older flaw tracked as CVE-2016-4271, which Adobe patched in September 2016.

Back then, Ruytenberg discovered that he could trick victims into loading a Flash file that called back to a remote SMB server that, in turn, would trick the user's computer into giving over its credentials.

Adobe patched this flaw with the release of Flash Player 23.0.0.162 by preventing Flash from making any outbound connections to URLs with UNC (Universal Naming Convention, eg: \\10.0.0.1\some\file.txt) or file-style paths (file://///10.0.0.1/some/file.txt).

The new bug Ruytenberg discovered relies on a clever trick to bypass Adobe's new protection measures. The researcher explains in a technical blog post that an attacker could comply with the Adobe ban on UNC and file-path URLs by loading a Flash file that made a request to a remote server via HTTP or HTTPS.

Recently Patched Flash Bug Can Leak Windows Credentials
 
  • Like
Reactions: Weebarra, LASER_oneXM, Fritz and 12 others
Cats-4_Owners-2

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Winter Soldier said:
Using Flash is a greater loss... compared to the gain.
Click to expand...
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."

Update: ..and at the very bottom of the page under "Conclusion",
"Flash Player 26.0.0.151 fixes this issue, and can be downloaded through Windows Update and Adobe’s website."
 
Last edited:
  • Like
Reactions: Weebarra, LASER_oneXM, TairikuOkami and 4 others
frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Cats-4_Owners-2 said:
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."
Click to expand...
Very good to know, thanks for that @Cats-4_Owners-2 Cheers. ;)
 
  • Like
Reactions: LASER_oneXM, Winter Soldier, silversurfer and 2 others
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Cats-4_Owners-2 said:
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."

Update: ..and at the very bottom of the page under "Conclusion",
"Flash Player 26.0.0.151 fixes this issue, and can be downloaded through Windows Update and Adobe’s website."
Click to expand...
Thanks so much Cats for pointing out that :)
Flash is a total defeat, sadly.
 
  • Like
Reactions: Cats-4_Owners-2, frogboy and LASER_oneXM
You must log in or register to reply here.

Similar threads

lokamoka820
    • Like
    • +Reputation
Security News Google Patches Another Zero-Day Vulnerability in Chrome
Replies
6
Views
1,879
Security News
lokamoka820
lokamoka820
Gandalf_The_Grey
    • Like
    • Wow
    • +Reputation
Security News Windows driver zero-day exploited by Lazarus hackers to install rootkit (patched August 2024)
Replies
0
Views
1,579
Security News
Gandalf_The_Grey
Gandalf_The_Grey
lokamoka820
    • Like
    • +Reputation
Security News Microsoft Office Apps Provide a New Path for Hackers
Replies
0
Views
2,134
Security News
lokamoka820
lokamoka820

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top