Endpoint Protection

Adobe released its monthly security updates for January today, much earlier than its usual schedule of the middle of each month. The vendor accelerated the release of the patches because a zero-day vulnerability in Flash Player (CVE-2015-8651) was reportedly exploited in limited targeted attacks.

This zero-day vulnerability affects the following Flash Player versions in Windows, Mac OS X, Linux, and ChromeOS:

• Adobe Flash Player Desktop Runtime versions 20.0.0.235 and earlier for Windows and Mac
• Adobe Flash Player Extended Support Release versions 18.0.0.268 and earlier for Windows and Mac
• Adobe Flash Player for Google Chrome versions 20.0.0.228 and earlier for Windows, Mac, Linux, and ChromeOS
• Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 20.0.0.228 and earlier for Windows 10
• Adobe Flash Player for Internet Explorer 10 and 11 versions 20.0.0.228 and earlier for Windows 8.0 and 8.1
• Adobe Flash Player for Linux versions 11.2.202.554 and earlier for Linux

An attacker could exploit the vulnerability to remotely execute arbitrary code on an affected computer.

We recommend applying the Adobe patches to mitigate exploit attempts. Users can obtain updates directly from the Adobe Flash Player Download Center or by accepting the update prompt through their installed product. Users can fix Flash Player embedded in Chrome and Internet Explorer by updating their chosen browser.

Symantec offers the following detections in order to protect users from exploits that attempt to take advantage of CVE-2015-8651:

AV

• Exp.CVE-2015-8651

IPS

• Web Attack: Adobe Flash Player CVE-2015-8651