Adobe fixes just one of two actively exploited zero-day vulnerabilities in Flash Player

Internet Explorer and Firefox users with Flash Player enabled remain at risk

Emergency updates for Flash Player released Thursday fix a vulnerability that is actively exploited by attackers, but leave a separate one unpatched.

Adobe Systems released Flash Player for Windows and Mac, Flash Player for Linux and Flash Player Extended Support Release These updates address a vulnerability identified in the Common Vulnerabilities and Exposures database as CVE-2015-0310.

Adobe is aware of an exploit for this vulnerability "in the wild" being used to attack older versions of Flash Player, the company said in a security advisory.

On Wednesday, a French malware researcher who uses the online alias Kafeine reported on his blog that cybercriminals using the Angler Exploit Kit are targeting an unpatched vulnerability in Flash Player. That vulnerability, it seems, is not CVE-2015-0310 and remains unpatched.

Kafeine has since updated his blog post to reflect that the Angler exploit seen yesterday also works against the newly released Flash Player for Windows and Mac. Moreover, the attackers have since corrected an error in their implementation and are now also targeting Firefox users who have Flash Player installed in addition to Internet Explorer users.

"Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to (included) is installed and enabled," Kafeine said. Google Chrome, where Flash Player runs under the browser's security sandbox, is not targeted.

"We are investigating reports that a separate exploit for Flash Player and earlier also exists in the wild," Adobe said.

Interestingly, the CVE-2015-0310 vulnerability that was patched Thursday was also used in attacks with the Angler Exploit Kit, but last week, according to Kafeine.

Attack tools like Angler exploit vulnerabilities in browser plug-ins to install malware on computers, but usually they target known vulnerabilities, for which patches have already been released. That's because the cybercriminals using these tools are satisfied with only targeting the many users who are not quick to update the software on their computers.

Zero-day exploits -- exploits for which the vendor doesn't have a patch -- do have a higher success rate, but they're also much more expensive to buy on the black market, especially those for widely used software like Flash Player. The use of two such exploits in a mass attack tool like Angler within a week is quite unusual, because it significantly increases the chance of those valuable exploits being discovered and burned.

Firefox users can enable the browser's click-to-play feature in order to avoid Flash content from executing automatically. However, security researchers advise that it's better to disable the Flash Player plug-in entirely from the browser until a patched version is released.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags patchessecurityAdobe Systemspatch managementExploits / vulnerabilitiesmalware

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?