Zscaler Blog

Get the latest Zscaler blog updates in your inbox

Products & Solutions

Faster than the speed of light: Analysis of a Flash Zero-Day

February 24, 2014 - 1 min read

Last week, Zscaler ThreatLabZ has published analysis of a Flash zero-day vulnerability that has been getting attention in the news. Adobe has issued a security bulletin for the vulnerability, which had been infecting machines with a remote access trojan (RAT).

The vulnerability is fairly sophisticated, embedding encrypted shell code within an image that subsequently downloads the malware. Check out the research blog post for the full analysis.

ImageAs Zscaler security researcher Krishnan Subramanian notes:

"Browser plugins continue to be the Achilles heel of enterprise security. While enterprises struggle to ensure that browser plugins are up to date on all end user systems to prevent browser exploit kits from targeting known vulnerabilities, here we see yet another demonstration where even that is not enough. Attackers continue to identify and exploit 0day vulnerabilities in popular web browser plugins such as Adobe Flash, which unfortunately has a long history of dealing with such threats."

form submtited
Thank you for reading

Was this post useful?

dots pattern

Get the latest Zscaler blog updates in your inbox

By submitting the form, you are agreeing to our privacy policy.