Flash Player zero-day exploit is being used in the wild by a cyberespionage group
Adobe Systems warned users Tuesday that an unpatched Flash Player vulnerability is currently being exploited in targeted attacks. The company expects to deliver a patch as soon as Thursday.
The exploit was discovered by researchers from antivirus vendor Kaspersky Lab in attacks attributed to a cyberespionage group known in the security industry as ScarCruft.
The group is relatively new, but is apparently quite resourceful, as this is possibly the second zero-day — previously unknown and unpatched — exploit that it used this year.
The other exploit targeted a critical remote code execution vulnerability in Microsoft XML Core Services that was tracked as CVE-2016-0147 and was patched by Microsoft in April.
To read this article in full or to leave a comment, please click here
Read more: Flash Player zero-day exploit is being used in the wild by a cyberespionage group