The SANS Institute’s Internet Storm Center raised the threat level to yellow because of the ongoing Flash Player attacks. Also, the AIR installer handles necessary updates for Adobe Access and does not support the SystemUpdater API. Those ads then make it onto large legitimate websites.Ĭombining malvertising with zero-day exploits results in very powerful and widespread attacks that are hard to defend against. Note: For versions of Flash Player earlier than 10.1, use the update mechanism supported in earlier player versions (manual download and install from or ExpressInstall). Attackers manage to push malicious ads onto ad networks through a variety of techniques that include impersonating advertisers. That one was tracked as CVE-2015-0310.ĭrive-by-download attacks silently install malware on users’ computers when they visit compromised websites or view malicious ads in their browsers. The update comes after Adobe released another Flash Player version last week to address a different zero-day, or exploited but unpatched, vulnerability. Even though the release hasn’t officially been announced yet, the new version is already available on its distribution site. The company also said that it will make the new Flash Player version available for manual download this week.
0 Comments
Leave a Reply. |