Patched Flash Hole in Exploit Kit

Wednesday, May 25, 2016 @ 10:05 AM gHale


Magnitude exploit kit developers included an exploit for the just fixed Adobe Flash Player vulnerability.

The flaw, discovered by FireEye researchers on May 8, underwent exploitation by using specially crafted Microsoft Office documents.

RELATED STORIES
Flash Zero Day Patched
Adobe Patches Flaw in Flash Library
Adobe Fixes Flash Zero Day
Flash Zero Day Coming Soon

Adobe mitigated the Flash Player security hole, along with 24 other vulnerabilities, May 12 with the release of versions 21.0.0.242 and 11.2.202.616.

FireEye disclosed the details on May 13 and, on May 21, French security researcher, Kafeine, spotted Magnitude trying to exploit the flaw against Flash Player 21.0.0.213 installations. The integration appeared to be in progress since the exploit was not fully functional at the time of initial analysis.

A VirusTotal analysis from Saturday found three antivirus engines detected the Flash exploit.