Latest Adobe Flash vulnerability now in Angler, Nuclear EKs

Malwarbytes is reporting that once again Adobe Flash Player has become a target as the recently patched zero-day exploit that was discovered and patched has become a part of several exploit kits (EK).
Malwarbytes is reporting that once again Adobe Flash Player has become a target as the recently patched zero-day exploit that was discovered and patched has become a part of several exploit kits (EK).

Adobe Flash Player once again has become a target as the recently patched zero-day exploit that was discovered and patched has become a part of several exploit kits (EK), Malwarebytes researchers reported.

The company said in a blog post that the Angler and Nuclear EKs now include CVE-2015-7645, which was patched by Adobe on October 16. It affects Flash up to version 19.0.0.207.

Malwarebytes said users should disable or remove the Flash Player in order to completely avoid becoming a victim. But those who choose to keep it should make sure to only use the most recent version and to upload an exploit mitigation tool to remain safe.

Adobe said it is aware that one of the vulnerabilities – CVE-2015-7645, the bug reported by Trend Micro – is being used in “limited, targeted attacks” mainly against national foreign ministry offices.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS