0-Day Fixes

Adobe Flash Player vulnerability in Internet Explorer 10

Report ID: MAPP-CVE20121535
Date Published: 21 September 2012
Date Revised: 27 September 2012
Criticality: Critical
Compromise Type: application-crash
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.3.300.270
Internet Explorer 10
Windows 8
Windows Server 2012


A vulnerability involving Adobe Flash Player in Internet Explorer 10 could cause the application to terminate unexpectedly, and possibly allow and attacker to take control of a compromised system.

Detailed Description

A vulnerability in Adobe Flash Player affects Internet Explorer 10 on supported editions of Windows 8 and Windows Server 2012. There are reports on this vulnerability being exploited in the wild, where the exploit is targeting the ActiveX version of Flash Player for Internet Explorer on Windows. 

The vulnerability could cause the application to terminate unexpectedly, and possibly allow an attacker to take control of a compromised system. Users are recommended to implement some workarounds to mitigate the impact of this vulnerability. Full instructions are available at Microsoft Security Advisory 2755801.

F-Secure detects the files taking advantage of this vulnerability as Exploit:W32/CVE-2012-1535 starting in Hydra database version 2012-09-25_01, which was released on 25 September 2012. Please allow F-Secure products to block installation of files that take advantage of this vulnerability.

CVE Reference

  • CVE-2012-1535

Detected Exploit

  • Exploit:W32/CVE-2012-1535
  • Exploit:W32/Defeater.F
  • Exploit:W32/Defeater.G
  • Hydra database version 2012-09-25_01
  • Hydra database version 2012-09-20_04
Release Dates
  • 25 September 2012
  • 20 September 2012


To mitigate the impact of the vulnerability, please implement these suggested workarounds:

  • Prevent Adobe Flash Player from running
  • Prevent ActiveX controls from running
  • Set security zone settings to 'High'
  • Configure Internet Explorer to prompt before running Active Scripting

Please view the complete instructions at Microsoft Security Advisory 2755801

Version Update
Update to Adobe Flash Player version 11.3.300.271

Allow F-Secure Internet Security or F-Secure Anti-Virus to remove or disinfect malicious files.

Original Source