Security News Recently Patched Flash Bug Can Leak Windows Credentials

frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.

The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 23.0.0.162 up to 26.0.0.137, running on Windows XP, Vista, 7, 8.x, and 10.

Flaw derived from older vulnerability
The vulnerability was discovered by Dutch security researcher Björn Ruytenberg and is a variation of an older flaw tracked as CVE-2016-4271, which Adobe patched in September 2016.

Back then, Ruytenberg discovered that he could trick victims into loading a Flash file that called back to a remote SMB server that, in turn, would trick the user's computer into giving over its credentials.

Adobe patched this flaw with the release of Flash Player 23.0.0.162 by preventing Flash from making any outbound connections to URLs with UNC (Universal Naming Convention, eg: \\10.0.0.1\some\file.txt) or file-style paths (file://///10.0.0.1/some/file.txt).

The new bug Ruytenberg discovered relies on a clever trick to bypass Adobe's new protection measures. The researcher explains in a technical blog post that an attacker could comply with the Adobe ban on UNC and file-path URLs by loading a Flash file that made a request to a remote server via HTTP or HTTPS.

Recently Patched Flash Bug Can Leak Windows Credentials
 
  • Like
Reactions: Weebarra, LASER_oneXM, Fritz and 12 others
Cats-4_Owners-2

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
Winter Soldier said:
Using Flash is a greater loss... compared to the gain.
Click to expand...
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."

Update: ..and at the very bottom of the page under "Conclusion",
"Flash Player 26.0.0.151 fixes this issue, and can be downloaded through Windows Update and Adobe’s website."
 
Last edited:
  • Like
Reactions: Weebarra, LASER_oneXM, TairikuOkami and 4 others
frogboy

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Cats-4_Owners-2 said:
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."
Click to expand...
Very good to know, thanks for that @Cats-4_Owners-2 Cheers. ;)
 
  • Like
Reactions: LASER_oneXM, Winter Soldier, silversurfer and 2 others
Winter Soldier

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
Cats-4_Owners-2 said:
Agreed.

From technical blog post:rolleyes: above:
"A word about affected environments

Interestingly, and in contrast to the previous flaw, Edge as well as Chrome (with Flash enabled) are unaffected. While otherwise showing similar behavior, including a cross-domain policy file request, both browsers appear to prevent Flash from connecting to SMB hosts.


That said, Firefox as well as Internet Explorer are vulnerable. This also applies to all current versions of Microsoft Office. In addition, the flaw affects both remote and local-with-networking sandboxes."

Update: ..and at the very bottom of the page under "Conclusion",
"Flash Player 26.0.0.151 fixes this issue, and can be downloaded through Windows Update and Adobe’s website."
Click to expand...
Thanks so much Cats for pointing out that :)
Flash is a total defeat, sadly.
 
  • Like
Reactions: Cats-4_Owners-2, frogboy and LASER_oneXM
You must log in or register to reply here.

Similar threads

upnorth
    • Like
    • Wow
    • +Reputation
Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover
Replies
1
Views
1,177
News Archive
R3j3ct
R3j3ct
MuzzMelbourne
    • Like
    • Sad
    • Wow
PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords
Replies
3
Views
1,521
News Archive
Ink
Ink
CyberTech
    • +Reputation
    • Like
Atlassian warns of exploit for Confluence data wiping bug, get patching
Replies
0
Views
642
News Archive
CyberTech
CyberTech

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top