Rewterz Threat Advisory – Flaws in ATM Dispenser Controllers Allowed Hackers to Steal Cash
August 14, 2018Rewterz Threat Advisory – CVE-2018-8374 Microsoft Exchange Server Tampering Vulnerability
August 15, 2018Rewterz Threat Advisory – Flaws in ATM Dispenser Controllers Allowed Hackers to Steal Cash
August 14, 2018Rewterz Threat Advisory – CVE-2018-8374 Microsoft Exchange Server Tampering Vulnerability
August 15, 2018Multiple vulnerabilities in Microsoft Windows Adobe Flash Player may cause information disclosure, privilege escalation or security mitigation bypass.
IMPACT: NORMAL
PUBLISH DATE: 14-08-2018
OVERVIEW
Multiple vulnerabilities have been found in various versions of Microsoft Windows Adobe Flash Player which may lead to out-of-bound reads causing disclosure of potentially sensitive information. One of these vulnerabilities may also cause bypassing of Security Mitigations. Moreover, an attacker using a component with a known vulnerability may also lead to privilege escalation.
ANALYSIS
The five vulnerabilities detected in Microsoft Windows Adobe Flash Player this week include Out-of-bound reads, security bypasses and usage of a component with known vulnerability. These can cause Information disclosure by providing sensitive information to unauthorized people, or may bypass restrictions meant for security mitigation. Usage of known vulnerabilities may also cause privilege escalation.
These vulnerabilities are resolved by updating products to latest versions. Currently, there are no reported exploits for these vulnerabilities. However, for best security measures, Adobe recommends installation of updates within a period of thirty days.
The table below lists the vulnerabilities under consideration in this advisory.
AFFECTED PRODUCTS
Mentioned versions of the products listed below have been found to be vulnerable.
UPDATES
Apply relevant updates to your system:
- Adobe Flash Player on Windows 10 for x64-based Systems (KB4343902)
- Adobe Flash Player on Windows Server 2016 (KB4343902)
- Adobe Flash Player on Windows 10 Version 1607
- Adobe Flash Player on Windows 10 Version 1703
- Adobe Flash Player on Windows 10 Version 1709
- Adobe Flash Player on Windows 10 Version 1803
- Adobe Flash Player on Windows 10 for 32-bit Systems (KB4343902)
- Adobe Flash Player on Windows 10 Version 1607
- Adobe Flash Player on Windows 10 Version 1703
- Adobe Flash Player on Windows 10 Version 1709
- Adobe Flash Player on Windows 10 Version 1803
- Adobe Flash Player on Windows RT 8.1 (KB4343902)
- Adobe Flash Player on Windows 8.1 for x64-based systems (KB4343902)
- Adobe Flash Player on Windows Server 2012 R2 (KB4343902)
- Adobe Flash Player on Windows 8.1 for 32-bit systems (KB4343902)
- Adobe Flash Player on Windows Server 2012 (KB4343902)
It is best to update the running versions of the affected products as per the advisory. Furthermore, if you think you are a victim of a cyber-security attack. Immediately send an email to info@rewterz.com for a rapid response.