Adobe addresses 0-day in Flash Player

On December 27 Adobe released an out-of-band update APSB16-01 for their Flash Player to address a vulnerability (CVE-2015-8651) that is already under attack. Under ThreatProtect we have set the RTI to “Actively Attacked”, which means there are targeted attacks on this vulnerability underway. We suggest patching your Flash players as quickly as possible.

Adobe Flash 0-day under targeted attack

TrendMicro has found evidence of an active exploit against a new vulnerability in the Adobe Flash player. Adobe has issued a patch in APSB15-27 and has been assigned CVE-2015-7645 Our RTI for QID: 124154 is ActivelyAttacked.

2nd Flash 0-day found in Angler Exploit Kit

Trend Micro confirms in their analysis that the Flash Vulnerability CVE-2015-0311 is present in the Angler Exploit Kit. The RTI for QID: 123181 is now: 0-day, ExploitPack

2nd Flash 0-day

Adobe has acknowledged in APSA15-01 the existence of attacks in the wild against an Adobe Flash vulnerability (CVE-2015-0311). Our RTI for QID: 123181 is set to: 0-day.

Adobe Flash 0-day in Angler

Security Researcher Kafeine has detected a new attack against an Adobe Flash vulnerability (CVE-2015-0310) deployed in the Exploit Kit Angler and documented its function on January 21. Adobe has it addressed in APSB15-02 on January 22. Our RTI for QID: 123187 is set to: ExploitPack.