Results 1 to 5 of 5

Thread: Adobe Flash/Acrobat/Reader exploits-in-the-wild

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adobe Flash/Acrobat/Reader exploits-in-the-wild

    FYI...

    Flash 0-Day Exploit used by Angler Exploit Kit
    - https://isc.sans.edu/diary.html?storyid=19213
    2015-01-21 - "The "Angler" exploit kit is a tool frequently used in drive-by download attacks to probe the browser for different vulnerabilities, and then exploit them to install malware. The exploit kit is very flexible and new exploits are added to it constantly. However, the blog post below* shows how this exploit kit is currently using an unpatched Flash 0-day to install malware. Current versions of Windows (e.g. Window 8 + IE 10) appear to be vulnerable. Windows 8.1, or Google Chrome do not appear to be vulnerable... typically we see these exploits more in targeted attacks, not in widely used exploit kits. This flaw could affect a large number of users very quickly..."
    * http://malware.dontneedcoffee.com/20...-in-flash.html
    2015-01-21 - "... Angler EK exploiting last version (16.0.0.257) of Flash..."
    Update: "... tested it against the free version of Malwarebytes Anti Exploit* (a product from one of my customers). That stopped it. Well done!..."
    * https://www.malwarebytes.org/antiexploit/

    - http://blog.trendmicro.com/trendlabs...-new-zero-day/
    Jan 22, 2015 - "... Chrome’s version of the Flash Player plugin is sandboxed, mitigating potential effects to end users. Firefox is also immune to this threat..."
    Geographic distribution of users affected by Angler
    > http://blog.trendmicro.com/trendlabs...-Angler-01.jpg

    Last edited by AplusWebMaster; 2015-01-22 at 16:40.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •