Attackers are exploiting a zero-day vulnerability in Flash Player

The exploit was included in the Angler exploit kit, a security researcher reported

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.

The new exploit was observed in drive-by-download attacks launched with an exploit kit called Angler, according to an independent researcher who uses the online alias Kafeine.

Exploit kits are malicious Web applications that contain exploits for vulnerabilities in browsers and browser plug-ins such as Java, Flash Player, Adobe Reader and Silverlight. Attackers silently redirect users' browsers to exploit kit installations by inserting rogue code in compromised websites and malicious advertisements.

The kits choose which exploits to load from their arsenal depending on the visitor's browser and installed plug-ins. If successful, the exploits install malware. It's known as a drive-by-download attack and is typically transparent to users.

Exploit kits usually target known vulnerabilities, which is why it's important to keep browser plug-ins like Flash Player up to date. But that doesn't help if attackers have an exploit for a zero-day vulnerability -- one that's not been patched yet by the software vendor.

Zero-day exploits are valuable to hackers, which is why they're more commonly used in targeted attacks where the stakes are higher and the goal is usually cyberespionage. It's unusual to see them in mass attacks like those performed with Angler and other exploit kits.

The new zero-day exploit used in Angler worked successfully on the latest Flash Player version on Windows 7 with Internet Explorer 8, Windows 8 with Internet Explorer 10, and Windows XP with IE 6 to 9, Kafeine said in a blog post. Disabling Flash Player for some days might be a good idea, he said.

Adobe is aware of the report and investigating the claims, a spokeswoman said via email.

However, Kafeine claims he shared the exploit with the company, and that Adobe has confirmed it.

"The zero-day vulnerability in Flash Player, as discovered by Kafeine, could provide a big security risk for Internet users, effectively opening an unguarded window onto PCs worldwide," said Pedro Bustamante, director of special projects at security firm Malwarebytes, via email.

"The fact that it has seemingly been integrated into the Angler Exploit Kit shows that criminals are keen to use it to target people and businesses en-masse," he said. "Using a delivery mechanism such as Angler increases the chance of successful infections, allowing for accurate attacks through infected adverts on high traffic websites."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Adobe SystemssecurityMalwarebytesExploits / vulnerabilitiesmalware

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?