‘Blitzableiter’ Protects Against Flash Player Exploits

A German security researcher has released an open-source tool that analyses and cleans up Flash code before playback to
prevent security holes in Adobe Flash Player from being exploited.The tool, called “Blitzableiter” (lightning rod), is the brainchild of Felix “FX” Lindner, a well-known hacker who presented it at the 26th Chaos Communication Congress (26C3).

A German security researcher has released an open-source tool that analyses and cleans up Flash code before playback to
prevent security holes in Adobe Flash Player from being exploited.

The tool, called “Blitzableiter” (lightning rod), is the brainchild of Felix “FX” Lindner, a well-known hacker who presented it at the 26th Chaos Communication Congress (26C3).

The H Security explains:

To prevent the frequently recurring security issues in Adobe’s software
from being exploited, the Blitzableiter tool checks SWF files for their
integrity. Embedded ActionScript code is detected, analysed and cleaned
up. The wrapper can also verify whether embedded objects such as JPEG
images comply with the specification.

In the future, Lindner plans to include the checking of embedded multimedia objects and the support of AVM2.

Here’s a link to Blitzableiter’s main project page.

Suggested articles

Massive Malspam Campaign Targets Unpatched Systems

Morphisec said that it has detected several malicious word documents – part of a “massive” malspam campaign – that takes advantage of a critical Adobe Flash Player vulnerability discovered earlier this month.

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.