Number: IRCNE2015102659
Date: 2015/10/19
According to “computerworlduk”, Adobe released 69 security patches as part of its regularly scheduled update cycle on Tuesday fixing multiple vulnerabilities in Flash, Reader, and Acrobat. In that update, Adobe fixed 13 Flash flaws that could lead to information disclosure and remote code execution. While these updates should be applied immediately, administrators should remain on guard because attackers are currently exploiting a zero-day vulnerability affecting all versions of Flash Player, even the latest one.
Researchers uncovered the zero-day Flash exploit in the latest Pawn Storm cyber espionage campaign, Trend Micro researchers Brooks Li, Feike Hacquebord, and Peter Pi wrote in a blog post. The spear phishing emails contained links leading to the exploit and targeted several Ministries of Foreign Affairs around the world.
The URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization members and the White House in April.
- 8