1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Flash Player zero-day exploit is being used in the wild by a cyberespionage group

Discussion in 'Network World' started by RSS, Jun 15, 2016.

  1. RSS

    RSS New Member Member

    Adobe Systems warned users Tuesday that an unpatched Flash Player vulnerability is currently being exploited in targeted attacks. The company expects to deliver a patch as soon as Thursday.

    The exploit was discovered by researchers from antivirus vendor Kaspersky Lab in attacks attributed to a cyberespionage group known in the security industry as ScarCruft.

    The group is relatively new, but is apparently quite resourceful, as this is possibly the second zero-day -- previously unknown and unpatched -- exploit that it used this year.

    The other exploit targeted a critical remote code execution vulnerability in Microsoft XML Core Services that was tracked as CVE-2016-0147 and was patched by Microsoft in April.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page