Unpatched Vulnerability (0day) in Flash Player is being exploited by Angler EK

Discussion in 'other security issues & news' started by FleischmannTV, Jan 21, 2015.

  1. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    As it seems Windows 8.1 + Chrome are not affected.
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Also interesting to see that these Flash holes are only being exploited in certain browsers. Would it perhaps not work in Opera 12 and 26?
     
  4. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
    Last edited: Jan 21, 2015
  5. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  6. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,981
    "Punters on Windows 8.1 are safe, along with those using Google Chrome thanks to use of sandboxing.

    Those operating other Windows platforms with Internet Explorer versions 10 and below, and some Mozilla Firefox versions, have been confirmed as vulnerable to the exploit."
    ------------
    "The free version of MalwareBytes' Anti-Exploit tool prevented the attack"
    =
    https://www.wilderssecurity.com/threads/malwarebytes-anti-exploit.354641/page-63#post-2450516
    ..........
     
  7. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    Adobe Flash Player 16.0.0.287 all varieties released, I assume this addresses the problem.
     
  8. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
     
  9. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  10. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,618
  11. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
  12. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    A comment from the link in first post:
     
  13. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    A man's pride shall bring him low: but honour shall uphold the humble in spirit: Proverbs 29,23.

    "Only the wasteful virtues earn the sun": William Butler Yeats, April 27, 1916.


    From a literary point of view that is one hell of a post Dermot !!! :)

    .... but in terms of technical input on the "Angler " Zero-Day exploit , perhaps a little less satisfying .

    But I loved your post anyway ...... and yes , I know , what I've written is probably well " off-topic " .
     
  14. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    It's not a post, it's his signature.
     
  15. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    Yes Fleischmann , you are right .... thank you !
    I've just been looking at some of his other posts and saw the same thing .
    But anyway , they are still very good quotes :)
     
  16. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Zscaler Research: Malvertising leading to Flash Zero Day via Angler Exploit Kit
     
  17. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Thanks for noting this :). The link in the first post now mentions this fact.
     
  19. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,981
  20. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
  21. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    My PPAPI version updated already. Kudos to Adobe, pushing this out on a Saturday.
     
  22. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,981
  23. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Yeah, I still can't get the latest through the main download page, which is giving me 16.0.0.287. I had to use the other Adobe download page which I probably can't link here cause ToS rules. Only then did I get 16,0,0,296 installed.
     
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    For what it's worth, Chrome users can technically install the PPAPI version that is intended for Chromium users until Google updates Chrome. It installs to SysWOW64/System32 just the same as the plugin version and the binaries are absolutely identical to the ones that Chrome uses. Although Chrome wasn't specifically targeted in this recent exploit kit, it is still technically running a vulnerable version of Flash and so it's still a big question mark.

    EDIT: I should mention that once installed, the PPAPI version is picked up automatically in Chrome with no changes needed. You can simply Disable the built-in Chrome PPAPI Flash temporarily until Google updates it. Disable the NPAPI one as well if you've installed the plugin based Flash for Firefox. Go to chrome://plugins and click to open up the details of the different Flash versions that Chrome can use.
     
  25. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
    See here.....

    http://helpx.adobe.com/security/products/flash-player/apsa15-01.html

     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.