Adobe advises of Flash flaw exploited via Excel docs

Share this article:

Adobe on Monday warned of a "critical" zero-day vulnerability in Flash Player that attackers currently are exploiting through Microsoft Excel files.

The flaw, which impacts Flash 10.2.152.33 and earlier versions, also impacts Reader and Acrobat because the authplay.dll component, which ships with the popular PDF software, is flawed, according to an Adobe blog post. Reader and Acrobat X 10.0.01 and earlier versions for Windows and Macintosh are affected.

Wendy Poland, a security response program manager at Adobe, said in the post that the company has fielded reports of attackers taking advantage of the vulnerability by embedding a malicious SWF (Flash) file in an XLS (Excel) document, delivered as an email attachment. The company is not aware of any exploits targeting Reader or Acrobat.

A patch is due March 21.

Roel Schouwenberg, senior anti-virus researcher at Kaspersky Lab, said he doesn't think Microsoft and Adobe should allow integration of their two products in this way. But he understands why attackers are taking advantage.

"This kind of structure is a perfect setup for targeted attacks," Schouwenberg wrote in a Monday blog post. "And not surprisingly, targeted attacks have indeed been reported...The reason why the attackers are using Excel as a delivery vehicle is simple. This way the attack can easily be delivered through email. So be extra cautious when you receive XLS files you didn't request."

Share this article:

Sign up to our newsletters

More in News

Latest Citadel trick allows RDP access after malware's removal

Latest Citadel trick allows RDP access after malware's ...

Trusteer, an IBM company, said the new Citadel configuration was detected this month.

Cryptoblocker variant emerges, encryption differs from CryptoLocker

Trend Micro has detected a variant of CryptoLocker in the wild that relies on the advanced encryption standard.

Jimmy John's sandwich chain investigating possible breach

Some financial institutions have indicated that credit cards recently used at Jimmy John's locations have been used to make fraudulent purchases.