New Adobe Flash Zero-Day found by security researcher

A French Security Researcher known as Kafeine found a Zero-Day in Adobe’s flash player that is spread through the Angler exploit kit.  This exploit is being used in tandem with Bedep to run programs in the background of an infected system. Kafeine also found Angler in November exploiting a integer overflow in flash. The malicious actors behind the Angler Exploit Kit are very good at what they do. With the research they do to find vulnerabilities in flash particularly is quite impressive. The Angler Exploit Kit is successfully exploiting two New vulnerabilities: one is CVE-2015-0310 and is patched according to an update that adobe release a hours ago https://helpx.adobe.com/security/products/flash-player/apsb15-02.html. The other one does not yet have a CVE nor a patch

According the Kafeine’s blog any version of Internet Explorer or Firefox with any version of Windows is vulnerable if flash is up to 16.0.0.287 is installed and enabled. He also mentions that after the flash exploitation the malicious actor can then upload payloads that can lead to AdFraud or malware.

At this time Adobe has not released an update to patch this latest find. Checking with VirtusTotal this evening the detection rate it up to 13/57 from the 4/57 it was at last night. Meaning that 13 of 57 antivirus vendors have detection for this exploit. Check the link above to see if your antivirus vendor has detection. There is also IDS signatures that can be deployed for detection in your network.