Adobe Flash Zero-Day Jumps to Angler, Nuclear EKs

The most recent Adobe Flash zero day has made its way into some of the most popular exploit kits being used today, including Angler and Nuclear.

That’s according to researchers at Malwarebytes Labs, who discovered the exploit's spread to the kits. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

“Because Flash has been such a hot target this year, it is recommended to either disable it or remove it entirely,” said Jerome Segura, senior security researcher at Malwarebytes. “People that choose to keep it should always ensure they are running the latest version but also run an exploit mitigation tool in parallel to account for zero-days.”

Adobe Flash Player continues to be the favorite browser plugin for threat actors this year. The recent zero-day exploit is being used in targeted attacks: Trend Micro researchers discovered that the attackers behind Pawn Storm were using the zero-day in their latest campaign. Pawn Storm is a long-running cyber-espionage campaign known for its high-profile targets and its use of the first Java zero-day we’ve seen in the last couple of years.

In this most recent campaign, Pawn Storm targeted several foreign affairs ministries from around the globe. The targets received spear-phishing emails that contained links leading to the exploit. The emails and URLs were crafted to appear to lead to information about current events.

The jump to the EKs means that the flaw will now be exploited on a much broader basis.

The flaw, CVE-2015-7645, was patched by Adobe on October 16. The vulnerability affects Adobe Flash up to version 19.0.0.207.
