Skip to main content

Attackers are exploiting a zero-day vulnerability in Flash Player

posted onJanuary 23, 2015
by l33tdawg

Attackers are using compromised websites to exploit a new and currently unpatched vulnerability in Flash Player, a malware researcher has reported.

The new exploit was observed in drive-by-download attacks launched with an exploit kit called Angler, according to an independent researcher who uses the online alias Kafeine.

Exploit kits are malicious Web applications that contain exploits for vulnerabilities in browsers and browser plug-ins such as Java, Flash Player, Adobe Reader, and Silverlight. Attackers silently redirect users' browsers to exploit kit installations by inserting rogue code in compromised websites and malicious advertisements. The kits choose which exploits to load from their arsenal depending on the visitor's browser and installed plug-ins. If successful, the exploits install malware. It's known as a drive-by-download attack and is typically transparent to users.

Source

Tags

Flash Adobe Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th