Another Hacking Team Flash Player 0day Uncovered (UPDATED)

Hacking Team Leak Exposes New Flash Player Zero Day

Update (07/07 11:55 AM PT): Adobe released a security bulletin about this vulnerability which is assigned CVE-2015-5119. A fix is scheduled for July 8.

bulletin

– – – –

The security community was ablaze yesterday with the news of a massive data dump and hack of most controversial firm Hacking Team.

Hacking Team specializes in surveillance software which it resells to various governments around the world, and in particular to some oppressive regimes, a major issue that has activists outraged.

The data stolen from the firm contains several gigabytes worth of exploits, malware and other very sensitive information.

Among them, a new Flash Player zero day (CVE-2015-5119) affecting Flash Player up to version 18.0.0.194 was found and is making headlines.

Version

We analyzed a copy of the exploit and can confirm that Malwarebytes Anti-Exploit users were already protected against this threat:

MBAE

Without a doubt cyber criminals have already got their hands on it and will integrate it in their exploit kits soon.

Software vendor Adobe is said to be working on an emergency patch. In the meantime, you should be extremely cautious and either disable the plugin or make sure you are running anti-exploit mitigation software to protect yourself.

We will update this blog post with additional information as it comes through.

ABOUT THE AUTHOR

Jérôme Segura

Principal Threat Researcher