Kaspersky Lab Details Exploits Targeting Just-Patched Adobe Zero-day

SecurityWeek, By Mike Lennon

On Tuesday afternoon, Adobe released an out-of-band security update to address a critical zero-day security vulnerability in Adobe Flash Player. The remotely exploitable vulnerability is being used in attacks in the wild and allows an attacker to take control of an affected system.

The vulnerability, CVE-2014-0497, was reported to Adobe by Alexander Polyakov and Anton Ivanov of Kaspersky Lab.

Now that a patch has been released by Adobe, Kaspersky Lab has provided a technical analysis of the exploits and payload that the security firm discovered—a total of 11 exploits.

“All of the exploits exploit the same vulnerability and all are unpacked SWF files,” Vyacheslav Zakorzhevsky, a Kaspersky Lab Expert, wrote on a blog post Wednesday. “All have identical actionscript code, which performs an operating system version check. The exploits only work under the following Windows versions: XP, Vista, 2003 R2, 2003, 7, 7x64, 2008 R2, 2008, 8, 8x64. Some of the samples also have a check in place which makes the exploits terminate under Windows 8.1 and 8.1 x64.” Read more.