The dangerous Angler exploit kit has a new piece of ammunition to use in its attacks: a fresh Adobe Flash zero-day vulnerability. The kit is exploiting the previously unknown vulnerability in several versions of Internet Explorer running on Windows 7 and Windows 8.
Fraser Kyne, principal systems engineer, Bromium says: "This is yet more proof that existing security tools are failing. It is simply not good enough to wait for something bad to happen, start a stopwatch, and see how quickly we can react to avert a disaster. Particularly when the attackers started their stopwatches some time ago. Companies need a modern approach to protect against modern threats. This does not mean the hopeless task of detection. It means making our systems robust to malware by design."
Adam Winn, product manager, OPSWAT adds his voice: “While the rise of yet another zero-day attack is unnerving, the silver lining here is that a fully patched Windows 8.1 environment is not vulnerable. Users of Windows 8.1 can protect themselves simply by ensuring Windows automatic updates are enabled, and promptly rebooting their system when instructed to. These types of attacks are going to become increasingly common for Windows XP and soon Windows 7 as Microsoft stops releasing security updates.”