0-Day Fixes

Adobe Flash Player vulnerability in Internet Explorer 10

Details
Report ID: MAPP-CVE20121535
Date Published: 21 September 2012
Date Revised: 27 September 2012
Criticality: Critical
Compromise Type: application-crash
Compromise From: remote
Affected Product/Component:
Adobe Flash Player 11.3.300.270
Internet Explorer 10
Windows 8
Windows Server 2012

Summary

A vulnerability involving Adobe Flash Player in Internet Explorer 10 could cause the application to terminate unexpectedly, and possibly allow and attacker to take control of a compromised system.

Detailed Description

A vulnerability in Adobe Flash Player affects Internet Explorer 10 on supported editions of Windows 8 and Windows Server 2012. There are reports on this vulnerability being exploited in the wild, where the exploit is targeting the ActiveX version of Flash Player for Internet Explorer on Windows. 

The vulnerability could cause the application to terminate unexpectedly, and possibly allow an attacker to take control of a compromised system. Users are recommended to implement some workarounds to mitigate the impact of this vulnerability. Full instructions are available at Microsoft Security Advisory 2755801.

F-Secure detects the files taking advantage of this vulnerability as Exploit:W32/CVE-2012-1535 starting in Hydra database version 2012-09-25_01, which was released on 25 September 2012. Please allow F-Secure products to block installation of files that take advantage of this vulnerability.

CVE Reference

  • CVE-2012-1535

Detected Exploit

Detections
  • Exploit:W32/CVE-2012-1535
  • Exploit:W32/Defeater.F
  • Exploit:W32/Defeater.G
Databases
  • Hydra database version 2012-09-25_01
  • Hydra database version 2012-09-20_04
Release Dates
  • 25 September 2012
  • 20 September 2012

Solution

To mitigate the impact of the vulnerability, please implement these suggested workarounds:

  • Prevent Adobe Flash Player from running
  • Prevent ActiveX controls from running
  • Set security zone settings to 'High'
  • Configure Internet Explorer to prompt before running Active Scripting

Please view the complete instructions at Microsoft Security Advisory 2755801


Version Update
Update to Adobe Flash Player version 11.3.300.271
 

Removal/Disinfection
Allow F-Secure Internet Security or F-Secure Anti-Virus to remove or disinfect malicious files.

Original Source