Adobe has issued a security advisory for an Adobe Flash Player zero-day exploit being used by the folks behind the Pawn Storm cyber-espionage campaign to target foreign ministries worldwide. The critical vulnerability (CVE-2015-7645) has been identified in Adobe Flash Player version 220.127.116.11 and earlier for Windows, Macintosh and Linux. The company expects to issue an update for the vulnerability during the week of October. 19. Adobe stated in its advisory that a successful exploit could allow the attacker to take control of a vulnerable system. Adobe is also aware that the exploit is being used in limited targeted attacks. According to security experts, the vulnerability is being used to attack foreign ministries. Spear phishing emails link to the exploit and contain subject lines geared to pique the interest of a foreign ministry worker, such as “Suicide car bomb targets NATO troop convoy.”
Adobe Security Bulletin
IT Security News
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street