The vulnerability has recently been discovered in the Magnitude exploit kit.
By Charlie Osborne for Zero Day | April 8, 2016 -- 09:26 GMT (02:26 PDT)
Adobe has released an emergency patch to fix a zero-day vulnerability actively being exploited in the wild.
On Tuesday, Adobe warned that users should expect an out-of-schedule update which patches the bug CVE-2016-1019, a zero-day flaw which affects Adobe Flash Player.
Users of Windows, Mac, Linux and Chrome operating systems are affected by the security flaw, which "could cause a crash and potentially allow an attacker to take control of the affected system," according to Adobe.
The zero-day flaw is a type confusion vulnerability, but it does have limitations.
The exploit works against Adobe Flash versions 20.0.0.306 and earlier, but will only cause a crash rather than full system compromise with Flash versions 21.0.0.182 and 21.0.0.197 thanks to mitigation processes added by Adobe in these more recent versions.
Attackers are specifically targeting Microsoft Windows, and are particularly interested in exploiting systems running Windows 10 and earlier through this vulnerability.
Adobe has now readied the emergency patch and has advised users to update immediately.
According to researchers from Trend Micro, active attacks have been observed leveraging this vulnerability through the Magnitude exploit kit in drive-by attacks.
This particular kit is linked to the Locky ransomware, malware which locks infected systems and demands payment in return for a decryption key which unlocks system files and content.
This malware was reportedly used recently in attacks against the Methodist Hospital based in Kentucky, United States.
Researchers at FireEye said:
"This is not the first time that new exploit mitigation research rendered an in-the-wild zero-day exploit ineffective. Exploit mitigations are an invaluable tool for the industry, and their ongoing development within some of the most widely targeted applications -- such as Internet Explorer/Edge and Flash Player -- change the game.
Despite regular security updates, attackers continue to target Flash Player, primarily because of its ubiquity and cross-platform reach."