Adobe Patches Flash Zero-Day Exploited By Magnitude Exploit Kit

wiredmikey writes: Adobe released a Flash Player update on Thursday night to patch a zero-day vulnerability that has been leveraged by cybercriminals to deliver malware via the Magnitude exploit kit. The vulnerability [CVE-2016-1019], a memory corruption that can be exploited for remote code execution, was discovered after, on April 2, security researcher Kafeine of Proofpoint noticed a change in the Magnitude exploit kit. The sample was then investigated by FireEye, which determined that Magnitude EK had been exploiting a previously unknown vulnerability in Flash Player."Despite the fact that this new exploit could potentially work on any version of Adobe Flash, including a fully patched instance of Flash, the threat actors implemented it in a manner that only targeted older versions of Flash. In other words, equipped with a weapon that could pierce even the latest armor, they only used it against old armor, and in doing so exposed to security researchers a previously unreported vulnerability," Proofpoint said in a blog post.

Re:You were warned

[GrumpySteen]

You have been warned repeatedly that cars are dangerous. Therefore, if you still get in a car and you get hurt or killed by a drunk driver, you only have yourself to blame.

Yeah, no. Blaming the victim doesn't accomplish anything other than making sure that nothing changes and nothing gets better.

Until companies are actually held liable for the damage that their insecure software causes, they will keep creating insecure software because it's cheaper and more profitable than taking the time to make it secure.

Interesting evolution of malware

[140Mandak262Jamuna]

When malware were named viruses and borrowed terminology from biology and germ theory of diseases, initially (I mean back in early 1990s) it was kind of funny almost snark. But the the behavior of the malware evolved very similar to the way biological viruses evolve, and the comparison and terminology became increasingly relevant. Bio viruses reduce their own lethality [*1] to improve their own chances of survival and propagation. Even the original C-brain floppy disk virus of 1988 waited for 50 copies being made before it would take adverse action. Keeping a few weapons in the reserve, not attacking all possible hosts etc are all things bio viruses do too.

So where would it go? Some viruses reduced their lethality a lot and helped their hosts survive better so that these viruses could also survive better. At some point they benefit they added was so much, they were more symbiotes rather than a pathogen. Some eventually gave up all attempts find new host or propagation and became totally dependent on their hosts. The mitochondria in each of our cells that is actually the powerhouse that generates energy for the organisms, was once a free living bacteria [*2]. The gut bacteria of so many animals are totally dependent on their host. Some of the viruses got spliced into our DNA itself! There are genes from viruses in our DNA happily churning out proteins for us!

Malware authors can not claim copyright, nor can they enforce any intellectual property rights on their creation. There is nothing to stop OS developers from picking up useful bits of algorithms and code from these viruses and using it in legitimate code. Very interesting to think about what could happen. Of course, the biota is still full of harmful viruses and bacteria. So not all viruses will be tamed. But there is some potential to harvest these viruses for any good code/algorithm/logic they might have in them.

[*1] no no no, I am not saying these viruses are sentient and they deliberately did X to achieve Y. Some viruses did X, that was beneficial due to Y, and they survived better than the ones that did not do X, thus eventually only the viruses that did X are the only ones still alive. Anthropomorphizing and attributing purpose to an evolutionary process is simply a shorthand used by biologists. Read Daniel Dennett, he explains it far better than I do.

[*2] Endosymbiosis.