Adobe’s Latest Zero-Day Exploit Repurposed, Going Viral Via Adult Websites

At this point, I think it's safe to call the security level of Adobe's Flash player "asinine". Sometimes, it feels like full-blown OSes, such as Windows, have far fewer bugs. When is the last time you remember having to update your OS with an emergency patch? Now how about Adobe Flash? Exactly.

Well, since Adobe didn't put it in its New Year's resolutions to release more secure software, this is a reality that's not going to change too soon. Yesterday, the company issued a patch for bug CVE-2015-0311, one that leaves a user's browser vulnerable to code injection and to the now infamous Angler EK (Exploit Kit).

To fall victim to this kind of attack, all someone needs to do is visit a website with compromised Flash files, at which point the attacker can inject code and utilize Angler EK, which has proven to be an extremely popular tool over the past year.

Adobe Flash Update

This particular version of Angler EK is different, however. For starters, it makes use of obfuscated JavaScript and attempts to detect virtual machines and anti-virus products. Its target audience is also rather specific: porn hounds. According to FireEye, which has researched the CVE-2015-0311 vulnerability extensively, this exploit has reached people via banner ads on popular adult websites. It's mentioned that even a top 1000 website was affected, so it's not as though victims are surfing to the murkiest depths of the Web.

That's a little scary, and clear proof that Adobe's Flash plugin simply needs to die off. There's a clear reason why many media websites have already transitioned to HTML5 instead of Flash. On that front, Adobe's had a lot of time to improve the security situation of its Flash player, but it simply hasn't happened, and a ridiculous bug like CVE-2015-0311 is living proof.

To make sure you're up-to-date, you can head on over to the official Flash player download page and check - or at least hopefully, as the site is broken as of the time of writing. The version you'll want to verify you're running is 16.0.0.296 for Windows, OS X, and Chrome OS, and 11.2.202.440 for Linux.
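For anyone checking more than one machine, here is an added example (not from the original article or from Adobe) that compares reported Flash versions against the patched builds listed above. The inventory rows, hostnames and function names are constructed for illustration; how the versions are collected is left as an assumption.

```python
# Patched builds named in the article, keyed by platform.
PATCHED = {
    "windows": "16.0.0.296",
    "osx": "16.0.0.296",
    "chromeos": "16.0.0.296",
    "linux": "11.2.202.440",
}


def parse_version(text):
    """Turn '16.0.0.287' into (16, 0, 0, 287) for numeric comparison."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part Flash version: {text!r}")
    return tuple(int(p) for p in parts)


def is_patched(platform, installed):
    """True when `installed` is at or above the patched build for `platform`."""
    key = platform.strip().lower()
    if key not in PATCHED:
        raise ValueError(f"no patched build listed for platform {platform!r}")
    return parse_version(installed) >= parse_version(PATCHED[key])


def audit(inventory):
    """Return (host, platform, version, reason) for each host needing attention."""
    findings = []
    for host, platform, version in inventory:
        try:
            if not is_patched(platform, version):
                findings.append((host, platform, version, "outdated"))
        except ValueError as exc:
            # Unknown platform or unparseable version: report it, never skip it.
            findings.append((host, platform, version, f"unverified: {exc}"))
    return findings

# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE = [
    ("ws-01", "Windows", "16.0.0.296"),
    ("ws-02", "Windows", "16.0.0.9"),    # a plain string compare would pass this
    ("lx-01", "Linux", "11.2.202.440"),  # patched, though numerically below 16.x
    ("lx-02", "Linux", "11.2.202.438"),
    ("mac-01", "OSX", "unknown"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

The comparison is done per platform because the Linux build sits on the 11.2 branch, so a single "minimum version" across all hosts would misreport patched Linux machines.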


Via:  FireEye