14 DAY TRIAL // A new, unknown vulnerability in the latest version of Adobe Flash Player is currently leveraged by cybercriminals using Angler Exploit Kit (EK) to deliver malware to computer users.
Adobe updated Flash Player last week to build 16.0.0.257, fixing a total of nine security bugs, but it appears that another one was left unattended and cybercriminals have created code to take advantage of it.
French security researcher Kafeine noticed that one version of Angler EK integrated three exploits for security flaws in Flash Player; two of them were common for the web-based attack tool, but a third one was present in just a few instances and seemed to be immune to the latest patches from Adobe.
Kafeine observed that the zero-day exploit worked on systems running Windows XP with Internet Explorer 6 through 8, Windows 7 with IE 8 and Windows 8 running IE 10, with the most recent version (16.0.0.257) of the player installed.
The researcher says that users relying on a fully updated Windows 8.1, as well as those browsing with Google Chrome, are safe from the malicious attack.
At the moment, there aren’t too many details about the zero-day vulnerability and how it is exploited, but the researcher says that it would be best if Flash Player was disabled for the next few days, until more information becomes available.
[UPDATE]: Malwarebytes analyzed the behavior of the Angler EK exploiting the Flash zero-day and has found that the malware it spreads is Bedep, “a distribution botnet that can load multiple payloads on the infected host.”