Did you like this?
friends and colleagues.
SecurityWeek, By Mike Lennon
On Tuesday afternoon, Adobe released an out-of-band security update to address a critical zero-day security vulnerability in Adobe Flash Player. The remotely exploitable vulnerability is being used in attacks in the wild and allows an attacker to take control of an affected system.
The vulnerability, CVE-2014-0497, was reported to Adobe by Alexander Polyakov and Anton Ivanov of Kaspersky Lab.
Now that a patch has been released by Adobe, Kaspersky Lab has provided a technical analysis of the exploits and payload that the security firm discovered—a total of 11 exploits.
“All of the exploits exploit the same vulnerability and all are unpacked SWF files,” Vyacheslav Zakorzhevsky, a Kaspersky Lab Expert, wrote on a blog post Wednesday. “All have identical actionscript code, which performs an operating system version check. The exploits only work under the following Windows versions: XP, Vista, 2003 R2, 2003, 7, 7x64, 2008 R2, 2008, 8, 8x64. Some of the samples also have a check in place which makes the exploits terminate under Windows 8.1 and 8.1 x64.” Read more.
Related Business News Articles
According to new data from the Kaspersky Security Network (KSN) , small businesses faced eight times more ransomware attacks in the third quarter of 2016 than the third quarter of 2015.Learn more >
According to the Kaspersky Lab Spam and Phishing in Q3 report, the Company’s products blocked 73,066,751 attempts to attack users with malicious attachments.Learn more >
Kaspersky Lab experts recently discovered a modification of the mobile banking Trojan, Svpeng, hiding in Google's advertising network AdSense.Learn more >