Adobe Flash Zero Day: Operation GreedyWonk


flash2No more than a week after discovering Internet Explorer 10 Zero Day, researchers at FireEye have uncovered yet another critical vulnerability on widely used software.  CVE-2014-0502, dubbed Operation GreedyWonk, affects the latest versions of Adobe Flash.

Like the IE 10 Zero Day, Operation GreedyWonk bypasses ASLR, a protective measure that randomizes the positions of important data in a program, making it harder for attackers to pinpoint vulnerabilities.

Operation GreedyWonk Affects:

Steps to Mitigation

  1. To determine which version of Flash you are running, you can visit Adobe’s website here.
  2. If you need to update, you can find operating system specific versions here.
  3. If you require assistance with this update process, please don’t hesitate to contact Emsisoft Support.

For a technical analysis of this new Zero Day, we recommend FireEye’s blogpost on Operation GreedyWonk.  Research suggests that GreedyWonk has been perpetrated by politically motivated attackers, as the Zero Day initially targeted three nonprofit organizations: the Peter G. Peterson Institute for International Economics, the American Research Center in Egypt, and the Smith Richardson Foundation.  In particular, users linked to the Smith Richardson Foundation are actively involved in matters of public policy and national security.

As with Snowman, GreedyWonk is likely to spawn many copycat attacks.  As such, Emsisoft recommends that you update Flash immediately.  An official statement from Adobe regarding this matter can be viewed here.

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a Great (Malware-Free) Weekend!

Senan Conrad

Senan Conrad

Senan specializes in giving readers insight into the constantly and rapidly changing world of cybersecurity. When he’s not tapping away at his keyboard, he enjoys drinking a good coffee or tinkering in his workshop.

What to read next