• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Malware • Security  /  CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!
03 February 2018

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

Written by Pradeep Kulkarni
Pradeep Kulkarni
Malware, Security
Estimated reading time: 1 minute

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users.

Vulnerable versions

  • Adobe Flash Player 28.0.0.137 and prior versions

About the vulnerability

This is a use-after-free vulnerability in Adobe Flash player which allows attackers to perform a Remote Code Execution on targeted machines. After successful exploitation, attackers can take control of the vulnerable systems and download and execute malware on them.

Reportedly, the vulnerability is currently being exploited in the wild through a malicious Office document. This office document is an initial attack vector with embedded malicious Flash file. According to the advisory, the malicious office document was distributed through email.

Quick Heal detection

Quick Heal has released the following detection for the vulnerability CVE-2018-4878:

  • Exp.SWF.CVE-2018-4878
  • Exp.OLE.CVE-2018-4878

Quick Heal Security Labs is actively looking for new in-wild exploits for this vulnerability and ensuring coverage for them.

Subject Matter Experts

Pradeep Kulkarni, Sameer Patil | Quick Heal Security Labs

 Previous PostMachine learning approach for advanced threat hunting
Next Post  Multi-Factor Authentication: Everything you need to Know
Pradeep Kulkarni
About Pradeep Kulkarni

Pradeep Kulkarni is leading the IPS team in Quick Heal Technologies Limited. Having worked in the IT security industry for over 11 years, he has worked on various...

Articles by Pradeep Kulkarni »

Related Posts

  • Malware-as-a-service: Cybercrime’s nine-to-five

    Anyone, even you, can carry out cyberattacks with the Malware-as-a-Service model

    October 30, 2020
  • Masslogger’s malice imposes spying and keylogging in businesses.

    MassLogger: An Emerging Spyware and Keylogger

    July 31, 2020
  • Is your Router exposed to cyber threats

    Is your router exposed to cyber threats? Here is how to safeguard it.

    July 30, 2020

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond Turn the Page: Cybersecurity Predictions for 2021 & beyond February 18, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.