Adobe has corrected one of the zero-day vulnerability in Flash Player

Share

tweet



Adobe has released an urgent update for Flash Player, which corrects actively exploited zero-day vulnerability. The company’s specialists also reviews reports about the other hole, which is used in the attacks using a set of exploits “Angler Exploit Kit”. Note that the vulnerability discovered security researcher under the pseudonym Kafeine, has not yet been fixed.

As reported in Security Bulletin APSB15-02 from Adobe, in the Flash Player has been discovered vulnerability, that could allow a remote attacker to bypass technology ASLR (Address Layout Space Randomization) on a PC running Windows. ASLR is used to prevent attacks carried out by a buffer overflow. This gap has been fixed, while Adobe experts continue to study the reports of the existence an individual exploit for Flash Player 16.0.0.287.

Meanwhile, attackers modified the exploit code and add the ability to attack the browser Firefox, and Internet Explorer 11 running Windows 8.1 with the latest updates. Currently using the exploit, criminals distributes malware “Bedep”.

In the Thursday, January 22, Adobe said in its blog that it plans to release a fix for the vulnerability exploited via “Angler Exploit Kit”, next week, but did not specify the release date of the update.

Below you can find more details about the vulnerability patched Adobe.

The Critical vulnerability (zero-day vulnerability) in Adobe Flash Player

Severity Rating: Critical (zero-day vulnerability)

The presence of fixes: Yes

The Amount of vulnerabilities: 1

CVSSv2 rating: (AV: N / AC: L / Au: N / C: P / I: P / A: P / E: H / RL: O / RC: C) = Base: 7.5 / Temporal: 6.5

CVE ID: CVE-2015-0310

Platforms: All Platforms

Vector operation: Remote

Impact: Security Bypass,

Affected Products: Adobe Flash Player 11.x, Adobe Flash Player 13.x, Adobe Flash Player 16.x

Affected versions: Adobe Flash Player 16.0.0.257 and earlier versions, Adobe Flash Player Extended Support Release version 13.x to 13.0.0.260, Adobe Flash Player for Linux 11.2.202.429 and earlier versions

Description

The vulnerability allows a remote user to bypass certain security restrictions.

CVE-2015-0310 – The vulnerability is caused due to an unknown error. This can be exploited to bypass security restrictions that set out in “memory randomization mitigation” on the Windows platform.

Note: The vulnerability is actively exploited in the present moment.

Solution: Install the latest version from the manufacturer’s website.

Manufacturer’s URL: http://www.adobe.com/products/flashplayer.html

References: http://helpx.adobe.com/security/products/flash-player/apsb15-02.html