OOB Adobe patch!
Adobe has released an advisory for an out-of-band security update for Flash, APSB15-02 [1]. It fixes CVE-2015-0310, which is reserved but for which there is little additional information on the NIST or MITRE sites. Most likely this is the previously reported 0day [2]. There are reports that this vulnerability is being actively exploited, and that it is part of a crimeware kit. This would be a highly recommended patch! If you have Adobe Flash Player installed, apply the update. All versions on all platforms appear to be vulnerable.
[1] http://helpx.adobe.com/security/products/flash-player/apsb15-02.html
[2] https://isc.sans.edu/forums/diary/Flash+0Day+Exploit+Used+by+Angler+Exploit+Kit/19213/
Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.
Comments
Security researcher Kafeine has found out that the 0-day isn't fixed completely in Adobe Flash version 16.0.0.287. Of the three exploits used in the Angler Exploit Kit, the 1st (CVE-2014-8440) was fixed with APSB14-24 (released on 11-11-2014), the 2nd (CVE-2015-0310) is fixed with APSB15-02 (released today), and a 3rd exploit isn't fixed yet.
See also http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
Anonymous
Jan 22nd 2015
Windows 8.1 32bits, Internet Explorer 11, Flash 16.0.0.257
EMET detected StackPivot mitigation and will close the application: iexplore.exe
Anonymous
Jan 22nd 2015
Not the patch. As above, another CVE. Unclear if it mitigates the EK 0day or not really.
"A Security Bulletin (APSB15-02) has been published regarding security updates for Adobe Flash Player. These updates address a vulnerability (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the Windows platform. Adobe is aware of reports that an exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older versions of Flash Player."
Anonymous
Jan 22nd 2015
Yang Dingning, working with the Chromium Vulnerability Rewards Program, Timo Hirvonen of F-Secure and Kafeine (CVE-2015-0310)
Anonymous
Jan 22nd 2015