News flash: Adobe/Palo Alto: Critical vulnerabilities flash and exploit kit detection

News flash: Adobe/Palo Alto: Critical vulnerabilities flash and exploit kit detection

Two critical vulnerabilities have been detected by Palo Alto:
 
1. A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS.
2. Recent Angler Exploit Kit updates that have been seen in the wild.
 
Explanation
 
Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected systems. Adobe is aware of reports that CVE-2016-1019 is being actively exploited on systems running Windows 10 and earlier with Flash Player version 20.0.0.306 and earlier. The Angler Exploit Kit is a tool that is being used for ransom ware and already has the adobe exploit in their update.
 
Conclusion
 
Systems:
There is a workarounds to be sure that you are not affected by the flash issue. But we recommend to use the latest release provided at 7th of April: https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
 
To verify the version of Adobe Flash Player installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.

Palo Alto:

We recommend to upgrade all devices to the latest version of Content Applications and Threats and review policies to ensure desired actions are configured.
 
Severity           ID  Attack Name                                                                CVE ID          
critical             39097  Adobe Flash Player Type Confusion Vulnerability     CVE-2016-1019
critical             39100  NUCLEAR Exploit Kit Detection                               alert     4.1.0
 
Workaround:
A mitigation introduced in Flash Player 21.0.0.182 currently prevents exploitation of this vulnerability, protecting users running Flash Player 21.0.0.182 and later.
 
For more information and assistance please contact Infradata by phone +31 (0)71 750 15 25 or by mail support@infradata.nl.

Partners & references

Palo Alto Networks