Latest Adobe Flash vulnerability now in Angler, Nuclear EKs

Adobe Flash Player once again has become a target as the recently patched zero-day exploit that was discovered and patched has become a part of several exploit kits (EK), Malwarebytes researchers reported.

The company said in a blog post that the Angler and Nuclear EKs now include CVE-2015-7645, which was patched by Adobe on October 16. It affects Flash up to version

Malwarebytes said users should disable or remove the Flash Player in order to completely avoid becoming a victim. But those who choose to keep it should make sure to only use the most recent version and to upload an exploit mitigation tool to remain safe.

Adobe said it is aware that one of the vulnerabilities – CVE-2015-7645, the bug reported by Trend Micro – is being used in “limited, targeted attacks” mainly against national foreign ministry offices.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.