Authored by a Symantec employee
Last week, the cyber attack against the hackers-for-hire firm Hacking Team, led to a theft of 400gb of data that exposed two Adobe Flash Player vulnerabilities.
In addition to those two vulnerabilities, another bug was exposed, making this the third Adobe Flash exploit to come from the stolen data. This vulnerability (CVE-2015-5123) emerged late last week and Adobe quickly released a security bulletin over the weekend, that stated a patch will follow this week.
It is always best to update any software that has updates available as soon as possible, as software patches address these types of security issues.
All Norton users are fully protected against this vulnerability. A new Intrusion Prevention Signature (Web Attack: Malicious SWF Download 30) was deployed recently that detects and blocks exploit attempts to leverage the vulnerability. This signature was rolled out automatically to all customers with no additional action needed by them. No clicking of ‘OK’ or ‘Apply’ or ‘Restart my system’ was needed. It all happened silently and without any action needed on the user's part!
Norton products also detect malicious code attempting to exploit the recent Flash Player zero-day vulnerabilities as follows:
As mentioned in the previous article about this vulnerability, it is important to for users to realize that until this patch is issued, the Flash Player will still be vulnerable to attack. Concerned Adobe users with no security software can disable Adobe until a patch is issued, or they can download the latest version of Norton Security to stay protected.
Disclaimers and references:
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.