Adobe fixes just one of two actively exploited zero-day vulnerabilities in Flash Player

Internet Explorer and Firefox users with Flash Player enabled remain at risk

Emergency updates for Flash Player released Thursday fix a vulnerability that is actively exploited by attackers, but leave a separate one unpatched.

Adobe Systems released Flash Player 16.0.0.287 for Windows and Mac, Flash Player 11.2.202.438 for Linux and Flash Player Extended Support Release 13.0.0.262. These updates address a vulnerability identified in the Common Vulnerabilities and Exposures database as CVE-2015-0310.

Adobe is aware of an exploit for this vulnerability "in the wild" being used to attack older versions of Flash Player, the company said in a security advisory.

On Wednesday, a French malware researcher who uses the online alias Kafeine reported on his blog that cybercriminals using the Angler Exploit Kit are targeting an unpatched vulnerability in Flash Player. That vulnerability, it seems, is not CVE-2015-0310 and remains unpatched.

Kafeine has since updated his blog post to reflect that the Angler exploit seen yesterday also works against the newly released Flash Player 16.0.0.287 for Windows and Mac. Moreover, the attackers have since corrected an error in their implementation and are now also targeting Firefox users who have Flash Player installed in addition to Internet Explorer users.

"Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled," Kafeine said. Google Chrome, where Flash Player runs under the browser's security sandbox, is not targeted.

"We are investigating reports that a separate exploit for Flash Player 16.0.0.287 and earlier also exists in the wild," Adobe said.

Interestingly, the CVE-2015-0310 vulnerability that was patched Thursday was also used in attacks with the Angler Exploit Kit, but last week, according to Kafeine.

Attack tools like Angler exploit vulnerabilities in browser plug-ins to install malware on computers, but usually they target known vulnerabilities, for which patches have already been released. That's because the cybercriminals using these tools are satisfied with only targeting the many users who are not quick to update the software on their computers.

Zero-day exploits -- exploits for which the vendor doesn't have a patch -- do have a higher success rate, but they're also much more expensive to buy on the black market, especially those for widely used software like Flash Player. The use of two such exploits in a mass attack tool like Angler within a week is quite unusual, because it significantly increases the chance of those valuable exploits being discovered and burned.

Firefox users can enable the browser's click-to-play feature in order to avoid Flash content from executing automatically. However, security researchers advise that it's better to disable the Flash Player plug-in entirely from the browser until a patched version is released.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags patchessecurityAdobe Systemspatch managementExploits / vulnerabilitiesmalware

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

GGG Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?