UPDATE* Yet Another Flash 0day Goes Live In Angler Exploit Kit

The researcher Kafeine over at the website Malware don’t [sic] need Coffee has found that there is an active Flash 0day exploit in the Angler exploit kit capable of delivering payload.  The Flash exploit has the ability to exploit not just older versions of browsers but even Windows 8.1 running Internet Explorer 11 with all updates including Flash  Once exploited a Hostile Actor can push a payload to commit click fraud, install a Cryptolocker, or other nasties.

Kafeine was able to show that Malwarebytes Anti Exploit is able to stop the exploit after the 0day has occurred.  Thanks Kafeine for you good work!


UPDATE 23 Jan 2015:  Adobe has patched one of the vulnerabilities and will issue a patch for another later next week.


Post by Protocol 46