All Flash versions vulnerable to remote control attack until next week

A vulnerability that could allow an attacker to take control of a machine running Flash is currently being exploited in the wild, Trend Micro has found.

In the wake of its monthly patch rollout yesterday, Adobe has announced it is working on a new update for Flash to fix a critical vulnerability that is currently being exploited.

All current versions of Flash are vulnerable to the exploit, which could allow an attacker to take control of the affected machine.

"Adobe expects to make an update available during the week of October 19," the company said in its advisory.

The vulnerability, designated CVE-2015-7645, was discovered by Trend Micro, which said the exploit formed part of Operation Pawn Storm and was targeted at several foreign affairs ministries from around the globe. The ministries were spear-phished with emails that appeared to relate to current geopolitical events such as situations in Syria, Gaza, and Iraq.

"Foreign affairs ministries have become a particular focus of interest for Pawn Storm recently," Trend Micro said in a blog post.

"Aside from malware attacks, fake Outlook Web Access (OWA) servers were also set up for various ministries. These are used for simple, but extremely effective, credential phishing attacks.

"One Ministry of Foreign Affairs got its DNS settings for incoming mail compromised. This means that Pawn Storm has been intercepting incoming e-mail to this organization for an extended period of time in 2015."

In April, Trend Micro said the group was targeting NATO and the White House.

Earlier this year, Facebook chief security officer Alex Stamos called for Flash to be killed off.

"It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day," he said.

Yesterday, Adobe patched 13 critical vulnerabilities in Flash that also had the potential to allow an attacker to take over a system.