MoreCybercriminals are exploiting a newly discovered flaw in Adobe Flash Player to distribute a botnet and adware, according to security researchers.
Adobe is investigating reports that a zero-day flaw in Flash Player is being used by an exploit kit known as Angler. Following the Blackhole exploit kit's demise last year, Angler is the new "one to watch" this year, according to Cisco security researchers.
Malware researcher Kafeine discovered the attack on Flash Player yesterday in an instance of Angler that contains exploits for three Flash flaws - two old ones that Adobe has fixes for, and one new flaw that was not patched in last week's security update, which brought Flash for Mac and Windows up to version 16.0.0.257.
MS has release an update today.
Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: January 22, 2015
Just got it in Windows Update.
Jim
Not one for W10 yet.MS has release an update today.
Microsoft security advisory: Update for vulnerabilities in Adobe Flash Player in Internet Explorer: January 22, 2015
Just got it in Windows Update.
Jim
I found that Malwarebytes Anti-Exploit will also stop the exploit in IE and Firefox and I run the free version on my systems including W10.
Adobe needs to fix this really soon.
Jim
There is nothing wrong with a bit of flash !!!
I agree,, Flash is just horrible. I wish it would die.. Kill it with FIRE!!
It didn't say anything about Firefox being effected. Am I correct in assuming you have visit a rigged or compromised website to get infected and you have to use internet explorer? That what the article implies.
I guess I checked too early, no updates this morning, MS not up yet.
But just checked and see it now. Thanks!
Quote
