Patched four days ago (2015-06-23) with Flash 18.0.0.194, the CVE-2015-3113 has been spotted as a 0day by FireEye, exploited in limited targeted attacks. It's now making its path to Exploit Kits
Magnitude :
2015-06-27
Magnitude successfuly exploiting Flash 18.0.0.160 on IE11 in Windows 7 on 2015-06-27 Dropping 2 instances of Cryptowall Ransomware |
Sample in that pass :
SWF : ee3f5baf3abfcdab044fccf89ec41746
FLV : 12965c39fdc1772c0e966b17d9bc66f4
Fiddler sent to VT
Angler EK :
2015-06-29
Angler EK exploiting Flash 18.0.0.160 on IE11 in Windows 7 the 2015-06-29 Dropping Kelihos Loader suba002. |
Fiddler sent to VT.
Nuclear Pack:
2015-07-01
Nuclear Pack exploit CVE-2015-3113 - 2015-07-01 |
Sample in that pass : fe02162a66d69390387546da10f471ac
Fiddler sent to VT
RIG :
2015-07-01
RIG exploiting CVE-2015-3113 - 2015-07-01 |
Fiddler sent to VT
Neutrino :
2015-07-01
Neutrino takes advantage of CVE-2015-3113 - 2015-07-01 |
Fiddler sent to VT
Read More :
Operation Clandestine Wolf – Adobe Flash Zero-Day in APT3 Phishing Campaign - 2015-06-23 - FireEye
New Adobe Zero-Day Shares Same Root Cause as Older Flaws - 2015-06-24 - Peter Pi - TrendMicro