logo
logo

A recently patched Flash Player exploit is being used in widespread attacks

avatar
Evelyn Fowler
img

An exploit for the previously zero-day CVE-2016-4117 vulnerability is now in the Magnitude exploit kit

It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are being used to infect computers with malware.

The vulnerability, known as CVE-2016-4117, was discovered earlier this month by security researchers FireEye.

It was exploited in targeted attacks through malicious Flash content embedded in Microsoft Office documents.

When the targeted exploit was discovered, the vulnerability was unpatched, which prompted a security alert from Adobe Systems and a patch two days later.

As it usually happens with zero-day exploits, it was only a matter of time until more cybercriminals got their hands on the CVE-2016-4117 exploit code and started using it in widespread attacks.

Exploit kits are Web-based attack tools that bundle multiple exploits for vulnerabilities in browser plug-ins like Flash Player, Java, Silverlight and Adobe Reader.

collect
0
avatar
Evelyn Fowler
guide
Zupyak is a free content platform for publishing and discovering stories, software and startups.