Skip to content ↓ | Skip to navigation ↓

Security researchers have identified a new zero-day exploit in Adobe Flash Player that attackers behind the Pawn Storm espionage campaign leveraged to spy on foreign ministries.

Since its inception, Pawn Storm has generally relied on the use of zero-day exploits, including the first Java-based exploit observed in a couple of years, to spy on high-profile targets. Government departments and ministries, as well as the North Atlantic Treaty Organization and the White House, have all been victims of this campaign.

Now researchers at the security firm Trend Micro have observed the latest episode of Pawn Storm.

“In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe,” Trend Micro explains in a blog post. “The targets received spear phishing e-mails that contained links leading to the exploit.”

Both the URLS and the emails were crafted to appear to lead to information about current events, such as the ongoing crisis in Syria and Israel’s activities in Gaza.

adobe zero-day pawn storm flash player
Affected Adobe versions (Source: Trend Micro)

According to a spokesperson for Adobe, the company received a proof-of-concept exploit on Tuesday and is currently in the process of investigating the issue. Ars Technica reports that it could take just a few days before Adobe issues an emergency patch for the exploit.

News of this discovery follows directly on the heels of Adobe releasing close to 70 security updates that fix multiple vulnerabilities found in its Flash, Reader, and Acrobat applications.

It is believed that the zero-day exploit spotted by Trend Micro does affect Adobe Flash Player 19.0.0.207, the latest version of Flash Player announced by Adobe in this most recent round of fixes.

Until Adobe issues a fix for this exploit, users might consider enabling Click-to-Play for Flash in their web browser. Alternatively, they might consider uninstalling Flash Player from their computers altogether for a more thorough fix.