MS-ISAC CYBERSECURITY ADVISORIES
MS-ISAC ADVISORY NUMBER:
Multiple Vulnerabilities in Adobe Flash Player Could Allow for Code Execution (APSB17-07)
There are currently no reports of these vulnerabilities being exploited in the wild.
- Adobe Flash Player Desktop Runtime version 184.108.40.206 and earlier for Windows, Macintosh and Linux
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 220.127.116.11 and earlier for Windows 10 and 8.1
- Large and medium government entities: High
- Small government entities: Medium
- Large and medium business entities: High
- Small business entities: Medium
- Home users: Low
Multiple vulnerabilities have been discovered in Adobe Flash Player, the most severe of which could allow for code execution. The vulnerabilities are as follows:
- A buffer overflow vulnerability that could lead to code execution (CVE-2017-2997).
- Multiple memory corruption vulnerabilities that could lead to code execution (CVE-2017-2998, CVE-2017-2999).
- A vulnerability in the random number generator used for constant blinding that could lead to information disclosure (CVE-2017-3000).
- Multiple use-after-free vulnerabilities that could lead to code execution (CVE-2017-3001, CVE-2017-3002, CVE-2017-3003).
Successful exploitation of these vulnerabilities could allow an attacker to remotely execute code in the context of the browser, obtain sensitive information, bypass security restrictions, or cause denial-of-service conditions.
We recommend the following actions be taken:
- Install the updates provided by Adobe immediately after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to visit websites or follow links provided by unknown or untrusted sources.
- Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments, especially from untrusted sources.
- Apply the Principle of Least Privilege to all systems and services.
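As an added example (not part of the MS-ISAC advisory), the following PowerShell check inventories the Flash Player binaries on a Windows host and flags any whose file version is at or below an "and earlier" threshold quoted in the advisory, which is the verification step a team would run before and after the update. The Macromed\Flash directories and binary names are assumed installation locations, and the threshold passed to the function is a placeholder to be replaced with the affected version for the build being checked.

```powershell
# Added example, not from the advisory. Enumerates Flash Player binaries and
# compares their file versions against an "affected ... and earlier" threshold.
# Assumed (not stated in the advisory): Flash installs Flash*.ocx (ActiveX, used
# by Internet Explorer 11 and Edge), NPSWF*.dll (NPAPI plugin) and
# pepflashplayer*.dll (PPAPI) under System32\Macromed\Flash, plus the SysWOW64
# equivalent on 64-bit Windows.
function Get-FlashPlayerBinary {
    $dirs = @("$env:SystemRoot\System32\Macromed\Flash",
              "$env:SystemRoot\SysWOW64\Macromed\Flash")
    foreach ($dir in $dirs) {
        if (-not (Test-Path -Path $dir)) { continue }
        Get-ChildItem -Path $dir -File |
            Where-Object { $_.Name -match '^(Flash.*\.ocx|NPSWF.*\.dll|pepflashplayer.*\.dll)$' } |
            ForEach-Object {
                # Build the version from the numeric parts; Flash's FileVersion
                # string uses commas, so parsing the string directly is fragile.
                $vi = $_.VersionInfo
                [pscustomobject]@{
                    Path    = $_.FullName
                    Version = [version]::new($vi.FileMajorPart, $vi.FileMinorPart,
                                             $vi.FileBuildPart, $vi.FilePrivatePart)
                }
            }
    }
}

function Test-FlashAffected {
    param(
        # Highest affected version from the advisory for the build being checked
        # (the "... and earlier" figure); anything at or below it is unpatched.
        [Parameter(Mandatory)][version]$AffectedVersion
    )
    Get-FlashPlayerBinary | ForEach-Object {
        [pscustomobject]@{
            Path     = $_.Path
            Version  = $_.Version
            Affected = ($_.Version -le $AffectedVersion)
        }
    }
}

# Usage: replace the placeholder with the affected version quoted in the advisory
# for the desktop runtime or the Edge/IE11 build, as appropriate.
# Test-FlashAffected -AffectedVersion 'MAJOR.MINOR.BUILD.REVISION' | Format-Table -AutoSize
```

A host that returns no rows has no Flash binaries in the assumed locations; a row with Affected = True should be scheduled for the Adobe update before the testing window closes.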