All Posts

2 posts

February 0-day for Adobe Flash – Update 2

Update2: The patch rollout for CVE-2015-0313 has begun. First Adobe Flash autoupdaters, then later the downloadable package plus Chrome and IE.

Update: More evidence on the 0-day (CVE-2015-0313) in the latest Adobe Flash. Trend now believes that it is the Hanjuan Exploit Kit, not Angler that is actively using the 0-day. In addition their testing has shown that the exploit is unable to escape the Google Chrome Sandbox, so Flash running under Google Chrome is still safe. This is actually good news and similar to the last 0-day CVE-2015-0311. Cisco’s Talos group meanwhile reports on further variants of CVE-2015-0311 and their telemetry gives an idea of the spread of the attack that uses  an ad network.

Adobe will patch the 0-day this week.

Original: After Adobe fixed two 0-days (APSB15-02 and APSB15-03) in January, February starts off with its own 0-day. Trend Micro reports and Adobe acknowledges the new 0-day CVE-2015-0313, which comes to us courtesy of the Angler Exploit Kit again. Not much is known at this time with the exception that Trend’s security tools are preventing the exploit from executing. No word so far on other tools such as the free EMET.

Maybe this is just the Angler tech team living up to their maintenance contracts to always have a 0-day around?

Keep monitoring this page for further updates.

QID for Latest JAVA SE Critical Patch Released Tonight

Oracle just released an extremely important critical patch for Java. It fixes an impressive number of vulnerabilities, and it is recommended to install this update as fast as possible. You can read more about this here: http://laws.qualys.com/2013/02/oracle-releases-early-cpu-for.html

And here is the official page on the Oracle website: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

A new QID “120832 – Oracle Java SE Critical Patch Update – February 2013” has been released and you can use QualysGuard VM to scan your network to find the systems that require the patch.

Here is a report that gives you a preview of the details of a report for this QID, including a list of known exploits that are available for some of the vulnerabilities that are fixed by this patch: