Emerging Threats

Third Adobe Flash exploit found in hacking team data dump


Authored by a Symantec employee

 

Last week, the cyber attack against the hackers-for-hire firm Hacking Team, led to a theft of 400gb of data that exposed two Adobe Flash Player vulnerabilities.

Safety for every device.

Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.

In addition to those two vulnerabilities, another bug was exposed, making this the third Adobe Flash exploit to come from the stolen data. This vulnerability (CVE-2015-5123) emerged late last week and Adobe quickly released a security bulletin over the weekend, that stated a patch will follow this week.

It is always best to update any software that has updates available as soon as possible, as software patches address these types of security issues.

Protection

All Norton users are fully protected against this vulnerability. A new Intrusion Prevention Signature (Web Attack: Malicious SWF Download 30) was deployed recently that detects and blocks exploit attempts to leverage the vulnerability. This signature was rolled out automatically to all customers with no additional action needed by them. No clicking of ‘OK’ or ‘Apply’ or ‘Restart my system’ was needed. It all happened silently and without any action needed on the user's part!

Norton products also detect malicious code attempting to exploit the recent Flash Player zero-day vulnerabilities as follows:

As mentioned in the previous article about this vulnerability, it is important to for users to realize that until this patch is issued, the Flash Player will still be vulnerable to attack. Concerned Adobe users with no security software can disable Adobe until a patch is issued, or they can download the latest version of Norton Security to stay protected.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.


Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.

Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.