DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
December 9, 2019 
Main Menu
News archives

Who's Online
There are currently 176 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Adobe patches critical Flash vulnerability that is being actively exploited

Posted on Wednesday, June 24 2015 @ 14:14:22 CEST by

Flash logo
Adobe has rolled out an emergency fix to address a critical vulnerability (CVE-2015-3113) in its Flash software. Users are recommended to update asap as CVE-2015-3113 is being actively exploited in the wild via limited, targeted attacks. The firm notes systems running IE for Windows 7 and below, as well as Firefox on Windows XP, are known targets.

Security Affairs has some more information about the hole. It was discovered by security firm FireEye, they found hacking crew APT3 was using it to target a number of industries, including telecommunications, transportation and aerospace and defense sectors:
The attack vector is once again the email, according to FireEye, the attackers send messages containing links to compromised web servers that were used to serve both harmless content or a malicious Adobe Flash Player exploit for the CVE-2015-3113.

“In June, FireEye’s FireEye as a Service team in Singapore uncovered a phishing campaign exploiting an Adobe Flash Player zero-day vulnerability (CVE-2015-3113). The attackers’ emails included links to compromised web servers that served either benign content or a malicious Adobe Flash Player file that exploits CVE-2015-3113.” states FireEye in the blog post.

“Once a target host was profiled, victims downloaded a malicious Adobe Flash Player SWF file and an FLV file, detailed below. This ultimately resulted in a custom backdoor known as SHOTPUT, detected by FireEye as Backdoor.APT.CookieCutter, being delivered to the victim’s system.”



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba